| Message | Id | Version | Qualifiers | Level | Task | Opcode | Keywords | RecordId | ProviderName | ProviderId | LogName | ProcessId | ThreadId | MachineName | UserId | TimeCreated | ActivityId | RelatedActivityId | ContainerLog | MatchedQueryIds | Bookmark | LevelDisplayName | OpcodeDisplayName | TaskDisplayName | KeywordsDisplayNames | Properties |
|---|
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3215a5bd-063c-4d9e-a5c6-06079952212d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABDADoAXABjAG8AbABsAGUAYwB0AC0AZQB2AGUAbgB0AC0AbABvAGcALgBwAHMAMQA=
EngineVersion=5.1.14393.1944
RunspaceId=9c440bf0-6da8-4a7d-a5ac-50b20bafc43d
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3542 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3215a5bd-063c-4d9e-a5c6-06079952212d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABDADoAXABjAG8AbABsAGUAYwB0AC0AZQB2AGUAbgB0AC0AbABvAGcALgBwAHMAMQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3541 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3215a5bd-063c-4d9e-a5c6-06079952212d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABDADoAXABjAG8AbABsAGUAYwB0AC0AZQB2AGUAbgB0AC0AbABvAGcALgBwAHMAMQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3540 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3215a5bd-063c-4d9e-a5c6-06079952212d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABDADoAXABjAG8AbABsAGUAYwB0AC0AZQB2AGUAbgB0AC0AbABvAGcALgBwAHMAMQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3539 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3215a5bd-063c-4d9e-a5c6-06079952212d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABDADoAXABjAG8AbABsAGUAYwB0AC0AZQB2AGUAbgB0AC0AbABvAGcALgBwAHMAMQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3538 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3215a5bd-063c-4d9e-a5c6-06079952212d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABDADoAXABjAG8AbABsAGUAYwB0AC0AZQB2AGUAbgB0AC0AbABvAGcALgBwAHMAMQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3537 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3215a5bd-063c-4d9e-a5c6-06079952212d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABDADoAXABjAG8AbABsAGUAYwB0AC0AZQB2AGUAbgB0AC0AbABvAGcALgBwAHMAMQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3536 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f8d09a19-d9b2-4afd-8f33-0545ae0034cd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=c8bed208-07ce-4555-9059-7c4cd99e23c8
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 3535 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f8d09a19-d9b2-4afd-8f33-0545ae0034cd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=c8bed208-07ce-4555-9059-7c4cd99e23c8
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3534 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f8d09a19-d9b2-4afd-8f33-0545ae0034cd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3533 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f8d09a19-d9b2-4afd-8f33-0545ae0034cd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3532 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f8d09a19-d9b2-4afd-8f33-0545ae0034cd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3531 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f8d09a19-d9b2-4afd-8f33-0545ae0034cd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3530 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f8d09a19-d9b2-4afd-8f33-0545ae0034cd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3529 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f8d09a19-d9b2-4afd-8f33-0545ae0034cd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3528 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f8d09a19-d9b2-4afd-8f33-0545ae0034cd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3527 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f8d09a19-d9b2-4afd-8f33-0545ae0034cd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3526 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=76d85737-f1bd-4a32-9b75-75b728c8998b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ba73ae2b-e67f-4d55-8039-f1abe3ac81c2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3525 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=76d85737-f1bd-4a32-9b75-75b728c8998b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3524 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=76d85737-f1bd-4a32-9b75-75b728c8998b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3523 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=76d85737-f1bd-4a32-9b75-75b728c8998b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3522 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=76d85737-f1bd-4a32-9b75-75b728c8998b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3521 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=76d85737-f1bd-4a32-9b75-75b728c8998b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3520 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=76d85737-f1bd-4a32-9b75-75b728c8998b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3519 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b3d94bdd-d18d-441f-a00f-8885b0e0b32f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABnAEEATQB3AEEAdQBBAEQARQBBAE0AZwBBAHQAQQBEAEUAQQBNAHcAQQAyAEEARABJAEEATQB3AEEANABBAEQAYwBBAE4AZwBBADUAQQBEAFEAQQBNAHcAQQAwAEEARABJAEEATwBBAEEAMQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=1fb69f2c-ca1c-4142-926e-f89c0ad27586
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3518 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c92f240d-f0ec-4c4d-9b30-29cce736ad25
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADgAMwAuADEAMgAtADEAMwA2ADIAMwA4ADcANgA5ADQAMwA0ADIAOAA1ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=7b995a45-6e98-415b-9aba-ce5eb5740076
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3517 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c92f240d-f0ec-4c4d-9b30-29cce736ad25
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADgAMwAuADEAMgAtADEAMwA2ADIAMwA4ADcANgA5ADQAMwA0ADIAOAA1ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=7b995a45-6e98-415b-9aba-ce5eb5740076
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3516 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c92f240d-f0ec-4c4d-9b30-29cce736ad25
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADgAMwAuADEAMgAtADEAMwA2ADIAMwA4ADcANgA5ADQAMwA0ADIAOAA1ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3515 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c92f240d-f0ec-4c4d-9b30-29cce736ad25
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADgAMwAuADEAMgAtADEAMwA2ADIAMwA4ADcANgA5ADQAMwA0ADIAOAA1ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3514 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c92f240d-f0ec-4c4d-9b30-29cce736ad25
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADgAMwAuADEAMgAtADEAMwA2ADIAMwA4ADcANgA5ADQAMwA0ADIAOAA1ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3513 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c92f240d-f0ec-4c4d-9b30-29cce736ad25
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADgAMwAuADEAMgAtADEAMwA2ADIAMwA4ADcANgA5ADQAMwA0ADIAOAA1ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3512 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c92f240d-f0ec-4c4d-9b30-29cce736ad25
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADgAMwAuADEAMgAtADEAMwA2ADIAMwA4ADcANgA5ADQAMwA0ADIAOAA1ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3511 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c92f240d-f0ec-4c4d-9b30-29cce736ad25
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADgAMwAuADEAMgAtADEAMwA2ADIAMwA4ADcANgA5ADQAMwA0ADIAOAA1ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3510 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b3d94bdd-d18d-441f-a00f-8885b0e0b32f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABnAEEATQB3AEEAdQBBAEQARQBBAE0AZwBBAHQAQQBEAEUAQQBNAHcAQQAyAEEARABJAEEATQB3AEEANABBAEQAYwBBAE4AZwBBADUAQQBEAFEAQQBNAHcAQQAwAEEARABJAEEATwBBAEEAMQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=1fb69f2c-ca1c-4142-926e-f89c0ad27586
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3509 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b3d94bdd-d18d-441f-a00f-8885b0e0b32f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABnAEEATQB3AEEAdQBBAEQARQBBAE0AZwBBAHQAQQBEAEUAQQBNAHcAQQAyAEEARABJAEEATQB3AEEANABBAEQAYwBBAE4AZwBBADUAQQBEAFEAQQBNAHcAQQAwAEEARABJAEEATwBBAEEAMQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3508 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b3d94bdd-d18d-441f-a00f-8885b0e0b32f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABnAEEATQB3AEEAdQBBAEQARQBBAE0AZwBBAHQAQQBEAEUAQQBNAHcAQQAyAEEARABJAEEATQB3AEEANABBAEQAYwBBAE4AZwBBADUAQQBEAFEAQQBNAHcAQQAwAEEARABJAEEATwBBAEEAMQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3507 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b3d94bdd-d18d-441f-a00f-8885b0e0b32f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABnAEEATQB3AEEAdQBBAEQARQBBAE0AZwBBAHQAQQBEAEUAQQBNAHcAQQAyAEEARABJAEEATQB3AEEANABBAEQAYwBBAE4AZwBBADUAQQBEAFEAQQBNAHcAQQAwAEEARABJAEEATwBBAEEAMQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3506 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b3d94bdd-d18d-441f-a00f-8885b0e0b32f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABnAEEATQB3AEEAdQBBAEQARQBBAE0AZwBBAHQAQQBEAEUAQQBNAHcAQQAyAEEARABJAEEATQB3AEEANABBAEQAYwBBAE4AZwBBADUAQQBEAFEAQQBNAHcAQQAwAEEARABJAEEATwBBAEEAMQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3505 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b3d94bdd-d18d-441f-a00f-8885b0e0b32f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABnAEEATQB3AEEAdQBBAEQARQBBAE0AZwBBAHQAQQBEAEUAQQBNAHcAQQAyAEEARABJAEEATQB3AEEANABBAEQAYwBBAE4AZwBBADUAQQBEAFEAQQBNAHcAQQAwAEEARABJAEEATwBBAEEAMQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3504 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b3d94bdd-d18d-441f-a00f-8885b0e0b32f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABnAEEATQB3AEEAdQBBAEQARQBBAE0AZwBBAHQAQQBEAEUAQQBNAHcAQQAyAEEARABJAEEATQB3AEEANABBAEQAYwBBAE4AZwBBADUAQQBEAFEAQQBNAHcAQQAwAEEARABJAEEATwBBAEEAMQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3503 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=430675b2-f575-4c40-9849-14216c6e94aa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f9683ac0-d66e-488b-8c5e-4cbe21ad528b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3502 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f59b7eed-a8cf-45fd-8bbd-4dffeeb8a088
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=1374d21c-60d2-40a0-829f-9c7e14ba37c8
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3501 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f59b7eed-a8cf-45fd-8bbd-4dffeeb8a088
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3500 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f59b7eed-a8cf-45fd-8bbd-4dffeeb8a088
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3499 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f59b7eed-a8cf-45fd-8bbd-4dffeeb8a088
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3498 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f59b7eed-a8cf-45fd-8bbd-4dffeeb8a088
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3497 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f59b7eed-a8cf-45fd-8bbd-4dffeeb8a088
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3496 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f59b7eed-a8cf-45fd-8bbd-4dffeeb8a088
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3495 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f59b7eed-a8cf-45fd-8bbd-4dffeeb8a088
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3494 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f59b7eed-a8cf-45fd-8bbd-4dffeeb8a088
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3493 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=430675b2-f575-4c40-9849-14216c6e94aa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f9683ac0-d66e-488b-8c5e-4cbe21ad528b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3492 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=430675b2-f575-4c40-9849-14216c6e94aa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3491 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=430675b2-f575-4c40-9849-14216c6e94aa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3490 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=430675b2-f575-4c40-9849-14216c6e94aa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3489 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=430675b2-f575-4c40-9849-14216c6e94aa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3488 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=430675b2-f575-4c40-9849-14216c6e94aa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3487 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=430675b2-f575-4c40-9849-14216c6e94aa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3486 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5ea7e02b-89d1-4410-b563-f87a02752a70
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADgAMwAuADEAMgAtADEAMwA2ADIAMwA4ADcANgA5ADQAMwA0ADIAOAA1AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=66dd19b9-e715-435e-9ed4-acf3fae65f14
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3485 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5ea7e02b-89d1-4410-b563-f87a02752a70
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADgAMwAuADEAMgAtADEAMwA2ADIAMwA4ADcANgA5ADQAMwA0ADIAOAA1AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=66dd19b9-e715-435e-9ed4-acf3fae65f14
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3484 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5ea7e02b-89d1-4410-b563-f87a02752a70
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADgAMwAuADEAMgAtADEAMwA2ADIAMwA4ADcANgA5ADQAMwA0ADIAOAA1AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3483 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5ea7e02b-89d1-4410-b563-f87a02752a70
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADgAMwAuADEAMgAtADEAMwA2ADIAMwA4ADcANgA5ADQAMwA0ADIAOAA1AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3482 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5ea7e02b-89d1-4410-b563-f87a02752a70
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADgAMwAuADEAMgAtADEAMwA2ADIAMwA4ADcANgA5ADQAMwA0ADIAOAA1AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3481 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5ea7e02b-89d1-4410-b563-f87a02752a70
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADgAMwAuADEAMgAtADEAMwA2ADIAMwA4ADcANgA5ADQAMwA0ADIAOAA1AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3480 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5ea7e02b-89d1-4410-b563-f87a02752a70
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADgAMwAuADEAMgAtADEAMwA2ADIAMwA4ADcANgA5ADQAMwA0ADIAOAA1AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3479 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5ea7e02b-89d1-4410-b563-f87a02752a70
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADgAMwAuADEAMgAtADEAMwA2ADIAMwA4ADcANgA5ADQAMwA0ADIAOAA1AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3478 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8bdf50c2-c1b7-43d0-961c-5490034be10f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0df92003-dbab-4783-9153-b27ec0d8abb5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3477 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fb62ded3-2e0f-455b-a831-2318c727c93d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=937aa432-52c9-4faa-81cd-918255d18749
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3476 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fb62ded3-2e0f-455b-a831-2318c727c93d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3475 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fb62ded3-2e0f-455b-a831-2318c727c93d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3474 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fb62ded3-2e0f-455b-a831-2318c727c93d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3473 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fb62ded3-2e0f-455b-a831-2318c727c93d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3472 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fb62ded3-2e0f-455b-a831-2318c727c93d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3471 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fb62ded3-2e0f-455b-a831-2318c727c93d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3470 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fb62ded3-2e0f-455b-a831-2318c727c93d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3469 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fb62ded3-2e0f-455b-a831-2318c727c93d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3468 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8bdf50c2-c1b7-43d0-961c-5490034be10f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0df92003-dbab-4783-9153-b27ec0d8abb5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3467 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8bdf50c2-c1b7-43d0-961c-5490034be10f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3466 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8bdf50c2-c1b7-43d0-961c-5490034be10f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3465 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8bdf50c2-c1b7-43d0-961c-5490034be10f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3464 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8bdf50c2-c1b7-43d0-961c-5490034be10f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3463 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8bdf50c2-c1b7-43d0-961c-5490034be10f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3462 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8bdf50c2-c1b7-43d0-961c-5490034be10f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3461 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=19337b8b-ac23-4987-aabd-d2db2b3f2df9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBPAEEAQQB6AEEAQwA0AEEATQBRAEEAeQBBAEMAMABBAE0AUQBBAHoAQQBEAFkAQQBNAGcAQQB6AEEARABnAEEATgB3AEEAMgBBAEQAawBBAE4AQQBBAHoAQQBEAFEAQQBNAGcAQQA0AEEARABVAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=c718cc26-5dda-4306-b989-b42d92e9c5c9
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3460 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=32487b3d-21b3-4f13-8749-095bd49db36f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYAOAAzAC4AMQAyAC0AMQAzADYAMgAzADgANwA2ADkANAAzADQAMgA4ADUAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=405b45ec-bfe4-4c2a-a51a-d50b6354d9cc
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3459 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=32487b3d-21b3-4f13-8749-095bd49db36f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYAOAAzAC4AMQAyAC0AMQAzADYAMgAzADgANwA2ADkANAAzADQAMgA4ADUAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=405b45ec-bfe4-4c2a-a51a-d50b6354d9cc
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3458 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=32487b3d-21b3-4f13-8749-095bd49db36f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYAOAAzAC4AMQAyAC0AMQAzADYAMgAzADgANwA2ADkANAAzADQAMgA4ADUAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3457 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=32487b3d-21b3-4f13-8749-095bd49db36f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYAOAAzAC4AMQAyAC0AMQAzADYAMgAzADgANwA2ADkANAAzADQAMgA4ADUAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3456 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=32487b3d-21b3-4f13-8749-095bd49db36f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYAOAAzAC4AMQAyAC0AMQAzADYAMgAzADgANwA2ADkANAAzADQAMgA4ADUAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3455 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=32487b3d-21b3-4f13-8749-095bd49db36f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYAOAAzAC4AMQAyAC0AMQAzADYAMgAzADgANwA2ADkANAAzADQAMgA4ADUAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3454 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=32487b3d-21b3-4f13-8749-095bd49db36f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYAOAAzAC4AMQAyAC0AMQAzADYAMgAzADgANwA2ADkANAAzADQAMgA4ADUAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3453 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=32487b3d-21b3-4f13-8749-095bd49db36f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYAOAAzAC4AMQAyAC0AMQAzADYAMgAzADgANwA2ADkANAAzADQAMgA4ADUAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3452 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=19337b8b-ac23-4987-aabd-d2db2b3f2df9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBPAEEAQQB6AEEAQwA0AEEATQBRAEEAeQBBAEMAMABBAE0AUQBBAHoAQQBEAFkAQQBNAGcAQQB6AEEARABnAEEATgB3AEEAMgBBAEQAawBBAE4AQQBBAHoAQQBEAFEAQQBNAGcAQQA0AEEARABVAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=c718cc26-5dda-4306-b989-b42d92e9c5c9
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3451 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=19337b8b-ac23-4987-aabd-d2db2b3f2df9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBPAEEAQQB6AEEAQwA0AEEATQBRAEEAeQBBAEMAMABBAE0AUQBBAHoAQQBEAFkAQQBNAGcAQQB6AEEARABnAEEATgB3AEEAMgBBAEQAawBBAE4AQQBBAHoAQQBEAFEAQQBNAGcAQQA0AEEARABVAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3450 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=19337b8b-ac23-4987-aabd-d2db2b3f2df9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBPAEEAQQB6AEEAQwA0AEEATQBRAEEAeQBBAEMAMABBAE0AUQBBAHoAQQBEAFkAQQBNAGcAQQB6AEEARABnAEEATgB3AEEAMgBBAEQAawBBAE4AQQBBAHoAQQBEAFEAQQBNAGcAQQA0AEEARABVAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3449 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=19337b8b-ac23-4987-aabd-d2db2b3f2df9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBPAEEAQQB6AEEAQwA0AEEATQBRAEEAeQBBAEMAMABBAE0AUQBBAHoAQQBEAFkAQQBNAGcAQQB6AEEARABnAEEATgB3AEEAMgBBAEQAawBBAE4AQQBBAHoAQQBEAFEAQQBNAGcAQQA0AEEARABVAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3448 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=19337b8b-ac23-4987-aabd-d2db2b3f2df9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBPAEEAQQB6AEEAQwA0AEEATQBRAEEAeQBBAEMAMABBAE0AUQBBAHoAQQBEAFkAQQBNAGcAQQB6AEEARABnAEEATgB3AEEAMgBBAEQAawBBAE4AQQBBAHoAQQBEAFEAQQBNAGcAQQA0AEEARABVAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3447 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=19337b8b-ac23-4987-aabd-d2db2b3f2df9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBPAEEAQQB6AEEAQwA0AEEATQBRAEEAeQBBAEMAMABBAE0AUQBBAHoAQQBEAFkAQQBNAGcAQQB6AEEARABnAEEATgB3AEEAMgBBAEQAawBBAE4AQQBBAHoAQQBEAFEAQQBNAGcAQQA0AEEARABVAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3446 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=19337b8b-ac23-4987-aabd-d2db2b3f2df9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBPAEEAQQB6AEEAQwA0AEEATQBRAEEAeQBBAEMAMABBAE0AUQBBAHoAQQBEAFkAQQBNAGcAQQB6AEEARABnAEEATgB3AEEAMgBBAEQAawBBAE4AQQBBAHoAQQBEAFEAQQBNAGcAQQA0AEEARABVAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3445 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7211c92-dfdd-49ef-a4dd-06cf062ebcc2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABjAEEATwBBAEEAdQBBAEQATQBBAE8AUQBBAHQAQQBEAEkAQQBNAGcAQQA0AEEARABNAEEATgBBAEEAMQBBAEQASQBBAE0AdwBBADAAQQBEAGcAQQBPAFEAQQA1AEEARABZAEEATgB3AEEAMwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=6f664f86-2b55-4df0-a711-563960f15ae7
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3444 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cf7715c6-9b96-4f21-8824-3000936b616e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAOAAuADMAOQAtADIAMgA4ADMANAA1ADIAMwA0ADgAOQA5ADYANwA3ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=e0e96074-df59-450d-9684-1dee8996a115
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3443 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cf7715c6-9b96-4f21-8824-3000936b616e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAOAAuADMAOQAtADIAMgA4ADMANAA1ADIAMwA0ADgAOQA5ADYANwA3ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=e0e96074-df59-450d-9684-1dee8996a115
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3442 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cf7715c6-9b96-4f21-8824-3000936b616e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAOAAuADMAOQAtADIAMgA4ADMANAA1ADIAMwA0ADgAOQA5ADYANwA3ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3441 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cf7715c6-9b96-4f21-8824-3000936b616e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAOAAuADMAOQAtADIAMgA4ADMANAA1ADIAMwA0ADgAOQA5ADYANwA3ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3440 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cf7715c6-9b96-4f21-8824-3000936b616e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAOAAuADMAOQAtADIAMgA4ADMANAA1ADIAMwA0ADgAOQA5ADYANwA3ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3439 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cf7715c6-9b96-4f21-8824-3000936b616e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAOAAuADMAOQAtADIAMgA4ADMANAA1ADIAMwA0ADgAOQA5ADYANwA3ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3438 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cf7715c6-9b96-4f21-8824-3000936b616e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAOAAuADMAOQAtADIAMgA4ADMANAA1ADIAMwA0ADgAOQA5ADYANwA3ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3437 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cf7715c6-9b96-4f21-8824-3000936b616e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAOAAuADMAOQAtADIAMgA4ADMANAA1ADIAMwA0ADgAOQA5ADYANwA3ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3436 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7211c92-dfdd-49ef-a4dd-06cf062ebcc2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABjAEEATwBBAEEAdQBBAEQATQBBAE8AUQBBAHQAQQBEAEkAQQBNAGcAQQA0AEEARABNAEEATgBBAEEAMQBBAEQASQBBAE0AdwBBADAAQQBEAGcAQQBPAFEAQQA1AEEARABZAEEATgB3AEEAMwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=6f664f86-2b55-4df0-a711-563960f15ae7
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3435 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7211c92-dfdd-49ef-a4dd-06cf062ebcc2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABjAEEATwBBAEEAdQBBAEQATQBBAE8AUQBBAHQAQQBEAEkAQQBNAGcAQQA0AEEARABNAEEATgBBAEEAMQBBAEQASQBBAE0AdwBBADAAQQBEAGcAQQBPAFEAQQA1AEEARABZAEEATgB3AEEAMwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3434 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7211c92-dfdd-49ef-a4dd-06cf062ebcc2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABjAEEATwBBAEEAdQBBAEQATQBBAE8AUQBBAHQAQQBEAEkAQQBNAGcAQQA0AEEARABNAEEATgBBAEEAMQBBAEQASQBBAE0AdwBBADAAQQBEAGcAQQBPAFEAQQA1AEEARABZAEEATgB3AEEAMwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3433 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7211c92-dfdd-49ef-a4dd-06cf062ebcc2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABjAEEATwBBAEEAdQBBAEQATQBBAE8AUQBBAHQAQQBEAEkAQQBNAGcAQQA0AEEARABNAEEATgBBAEEAMQBBAEQASQBBAE0AdwBBADAAQQBEAGcAQQBPAFEAQQA1AEEARABZAEEATgB3AEEAMwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3432 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7211c92-dfdd-49ef-a4dd-06cf062ebcc2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABjAEEATwBBAEEAdQBBAEQATQBBAE8AUQBBAHQAQQBEAEkAQQBNAGcAQQA0AEEARABNAEEATgBBAEEAMQBBAEQASQBBAE0AdwBBADAAQQBEAGcAQQBPAFEAQQA1AEEARABZAEEATgB3AEEAMwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3431 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7211c92-dfdd-49ef-a4dd-06cf062ebcc2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABjAEEATwBBAEEAdQBBAEQATQBBAE8AUQBBAHQAQQBEAEkAQQBNAGcAQQA0AEEARABNAEEATgBBAEEAMQBBAEQASQBBAE0AdwBBADAAQQBEAGcAQQBPAFEAQQA1AEEARABZAEEATgB3AEEAMwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3430 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7211c92-dfdd-49ef-a4dd-06cf062ebcc2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABjAEEATwBBAEEAdQBBAEQATQBBAE8AUQBBAHQAQQBEAEkAQQBNAGcAQQA0AEEARABNAEEATgBBAEEAMQBBAEQASQBBAE0AdwBBADAAQQBEAGcAQQBPAFEAQQA1AEEARABZAEEATgB3AEEAMwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3429 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e6223537-5ae0-40b9-933c-6d26a9c57c43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f34b4b08-0b10-4f34-97d0-43a47a8db1f9
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3428 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=29257abf-40d3-4b4b-9968-54df3d4e6794
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=6ee6eb1e-cf6d-4d91-a3aa-b34809ce5356
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3427 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=29257abf-40d3-4b4b-9968-54df3d4e6794
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3426 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=29257abf-40d3-4b4b-9968-54df3d4e6794
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3425 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=29257abf-40d3-4b4b-9968-54df3d4e6794
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3424 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=29257abf-40d3-4b4b-9968-54df3d4e6794
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3423 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=29257abf-40d3-4b4b-9968-54df3d4e6794
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3422 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=29257abf-40d3-4b4b-9968-54df3d4e6794
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3421 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=29257abf-40d3-4b4b-9968-54df3d4e6794
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3420 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=29257abf-40d3-4b4b-9968-54df3d4e6794
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3419 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e6223537-5ae0-40b9-933c-6d26a9c57c43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f34b4b08-0b10-4f34-97d0-43a47a8db1f9
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3418 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e6223537-5ae0-40b9-933c-6d26a9c57c43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3417 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e6223537-5ae0-40b9-933c-6d26a9c57c43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3416 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e6223537-5ae0-40b9-933c-6d26a9c57c43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3415 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e6223537-5ae0-40b9-933c-6d26a9c57c43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3414 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e6223537-5ae0-40b9-933c-6d26a9c57c43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3413 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e6223537-5ae0-40b9-933c-6d26a9c57c43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3412 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=179f23a2-502d-4b12-94c4-1de9d565d4db
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAOAAuADMAOQAtADIAMgA4ADMANAA1ADIAMwA0ADgAOQA5ADYANwA3AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=c0ca1e73-9332-46b6-a6d3-207f4737deef
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3411 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=179f23a2-502d-4b12-94c4-1de9d565d4db
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAOAAuADMAOQAtADIAMgA4ADMANAA1ADIAMwA0ADgAOQA5ADYANwA3AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=c0ca1e73-9332-46b6-a6d3-207f4737deef
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3410 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=179f23a2-502d-4b12-94c4-1de9d565d4db
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAOAAuADMAOQAtADIAMgA4ADMANAA1ADIAMwA0ADgAOQA5ADYANwA3AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3409 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=179f23a2-502d-4b12-94c4-1de9d565d4db
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAOAAuADMAOQAtADIAMgA4ADMANAA1ADIAMwA0ADgAOQA5ADYANwA3AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3408 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=179f23a2-502d-4b12-94c4-1de9d565d4db
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAOAAuADMAOQAtADIAMgA4ADMANAA1ADIAMwA0ADgAOQA5ADYANwA3AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3407 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=179f23a2-502d-4b12-94c4-1de9d565d4db
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAOAAuADMAOQAtADIAMgA4ADMANAA1ADIAMwA0ADgAOQA5ADYANwA3AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3406 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=179f23a2-502d-4b12-94c4-1de9d565d4db
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAOAAuADMAOQAtADIAMgA4ADMANAA1ADIAMwA0ADgAOQA5ADYANwA3AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3405 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=179f23a2-502d-4b12-94c4-1de9d565d4db
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAOAAuADMAOQAtADIAMgA4ADMANAA1ADIAMwA0ADgAOQA5ADYANwA3AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3404 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4047753c-df1f-4a7f-a1c1-222bd3a29bdd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f35854be-8f56-4833-970a-2c2aad145f4c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3403 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8c843e0e-efca-4d64-be64-8edce1122215
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=24fe855d-1706-45e6-a429-aebacd0dac04
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3402 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8c843e0e-efca-4d64-be64-8edce1122215
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3401 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8c843e0e-efca-4d64-be64-8edce1122215
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3400 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8c843e0e-efca-4d64-be64-8edce1122215
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3399 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8c843e0e-efca-4d64-be64-8edce1122215
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3398 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8c843e0e-efca-4d64-be64-8edce1122215
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3397 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8c843e0e-efca-4d64-be64-8edce1122215
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3396 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8c843e0e-efca-4d64-be64-8edce1122215
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3395 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8c843e0e-efca-4d64-be64-8edce1122215
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3394 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4047753c-df1f-4a7f-a1c1-222bd3a29bdd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f35854be-8f56-4833-970a-2c2aad145f4c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3393 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4047753c-df1f-4a7f-a1c1-222bd3a29bdd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3392 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4047753c-df1f-4a7f-a1c1-222bd3a29bdd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3391 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4047753c-df1f-4a7f-a1c1-222bd3a29bdd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3390 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4047753c-df1f-4a7f-a1c1-222bd3a29bdd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3389 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4047753c-df1f-4a7f-a1c1-222bd3a29bdd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3388 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4047753c-df1f-4a7f-a1c1-222bd3a29bdd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3387 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ea7509c1-9f77-41dd-a52c-bf02ca408a3b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBOAHcAQQA0AEEAQwA0AEEATQB3AEEANQBBAEMAMABBAE0AZwBBAHkAQQBEAGcAQQBNAHcAQQAwAEEARABVAEEATQBnAEEAegBBAEQAUQBBAE8AQQBBADUAQQBEAGsAQQBOAGcAQQAzAEEARABjAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=460a81a0-45db-4f2f-9554-571df5fcaffa
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3386 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d314c26d-c317-42c6-80cb-6efdc65b2fa1
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYANwA4AC4AMwA5AC0AMgAyADgAMwA0ADUAMgAzADQAOAA5ADkANgA3ADcAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=9a89f41c-8327-4097-aec9-8680de58f312
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3385 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d314c26d-c317-42c6-80cb-6efdc65b2fa1
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYANwA4AC4AMwA5AC0AMgAyADgAMwA0ADUAMgAzADQAOAA5ADkANgA3ADcAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=9a89f41c-8327-4097-aec9-8680de58f312
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3384 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d314c26d-c317-42c6-80cb-6efdc65b2fa1
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYANwA4AC4AMwA5AC0AMgAyADgAMwA0ADUAMgAzADQAOAA5ADkANgA3ADcAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3383 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d314c26d-c317-42c6-80cb-6efdc65b2fa1
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYANwA4AC4AMwA5AC0AMgAyADgAMwA0ADUAMgAzADQAOAA5ADkANgA3ADcAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3382 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d314c26d-c317-42c6-80cb-6efdc65b2fa1
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYANwA4AC4AMwA5AC0AMgAyADgAMwA0ADUAMgAzADQAOAA5ADkANgA3ADcAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3381 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d314c26d-c317-42c6-80cb-6efdc65b2fa1
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYANwA4AC4AMwA5AC0AMgAyADgAMwA0ADUAMgAzADQAOAA5ADkANgA3ADcAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3380 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d314c26d-c317-42c6-80cb-6efdc65b2fa1
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYANwA4AC4AMwA5AC0AMgAyADgAMwA0ADUAMgAzADQAOAA5ADkANgA3ADcAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3379 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d314c26d-c317-42c6-80cb-6efdc65b2fa1
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYANwA4AC4AMwA5AC0AMgAyADgAMwA0ADUAMgAzADQAOAA5ADkANgA3ADcAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3378 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ea7509c1-9f77-41dd-a52c-bf02ca408a3b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBOAHcAQQA0AEEAQwA0AEEATQB3AEEANQBBAEMAMABBAE0AZwBBAHkAQQBEAGcAQQBNAHcAQQAwAEEARABVAEEATQBnAEEAegBBAEQAUQBBAE8AQQBBADUAQQBEAGsAQQBOAGcAQQAzAEEARABjAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=460a81a0-45db-4f2f-9554-571df5fcaffa
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3377 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ea7509c1-9f77-41dd-a52c-bf02ca408a3b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBOAHcAQQA0AEEAQwA0AEEATQB3AEEANQBBAEMAMABBAE0AZwBBAHkAQQBEAGcAQQBNAHcAQQAwAEEARABVAEEATQBnAEEAegBBAEQAUQBBAE8AQQBBADUAQQBEAGsAQQBOAGcAQQAzAEEARABjAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3376 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ea7509c1-9f77-41dd-a52c-bf02ca408a3b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBOAHcAQQA0AEEAQwA0AEEATQB3AEEANQBBAEMAMABBAE0AZwBBAHkAQQBEAGcAQQBNAHcAQQAwAEEARABVAEEATQBnAEEAegBBAEQAUQBBAE8AQQBBADUAQQBEAGsAQQBOAGcAQQAzAEEARABjAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3375 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ea7509c1-9f77-41dd-a52c-bf02ca408a3b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBOAHcAQQA0AEEAQwA0AEEATQB3AEEANQBBAEMAMABBAE0AZwBBAHkAQQBEAGcAQQBNAHcAQQAwAEEARABVAEEATQBnAEEAegBBAEQAUQBBAE8AQQBBADUAQQBEAGsAQQBOAGcAQQAzAEEARABjAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3374 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ea7509c1-9f77-41dd-a52c-bf02ca408a3b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBOAHcAQQA0AEEAQwA0AEEATQB3AEEANQBBAEMAMABBAE0AZwBBAHkAQQBEAGcAQQBNAHcAQQAwAEEARABVAEEATQBnAEEAegBBAEQAUQBBAE8AQQBBADUAQQBEAGsAQQBOAGcAQQAzAEEARABjAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3373 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ea7509c1-9f77-41dd-a52c-bf02ca408a3b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBOAHcAQQA0AEEAQwA0AEEATQB3AEEANQBBAEMAMABBAE0AZwBBAHkAQQBEAGcAQQBNAHcAQQAwAEEARABVAEEATQBnAEEAegBBAEQAUQBBAE8AQQBBADUAQQBEAGsAQQBOAGcAQQAzAEEARABjAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3372 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ea7509c1-9f77-41dd-a52c-bf02ca408a3b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBOAHcAQQA0AEEAQwA0AEEATQB3AEEANQBBAEMAMABBAE0AZwBBAHkAQQBEAGcAQQBNAHcAQQAwAEEARABVAEEATQBnAEEAegBBAEQAUQBBAE8AQQBBADUAQQBEAGsAQQBOAGcAQQAzAEEARABjAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3371 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=971a1585-8436-4930-a6c7-b8f1a7263f65
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABjAEEATQB3AEEAdQBBAEQAVQBBAE4AQQBBAHQAQQBEAEkAQQBOAHcAQQA0AEEARABnAEEATgB3AEEAMwBBAEQAQQBBAE8AQQBBADIAQQBEAE0AQQBNAFEAQQB6AEEARABZAEEATQBBAEEAdwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=94db3ddb-be51-44ed-863f-ee7e71810adc
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3370 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=26997714-774f-4f72-af95-68761dfd117e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAMwAuADUANAAtADIANwA4ADgANwA3ADAAOAA2ADMAMQAzADYAMAAwACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=ddbc02f4-ab2f-4f60-845f-567366798a1f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3369 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=26997714-774f-4f72-af95-68761dfd117e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAMwAuADUANAAtADIANwA4ADgANwA3ADAAOAA2ADMAMQAzADYAMAAwACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=ddbc02f4-ab2f-4f60-845f-567366798a1f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3368 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=26997714-774f-4f72-af95-68761dfd117e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAMwAuADUANAAtADIANwA4ADgANwA3ADAAOAA2ADMAMQAzADYAMAAwACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3367 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=26997714-774f-4f72-af95-68761dfd117e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAMwAuADUANAAtADIANwA4ADgANwA3ADAAOAA2ADMAMQAzADYAMAAwACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3366 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=26997714-774f-4f72-af95-68761dfd117e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAMwAuADUANAAtADIANwA4ADgANwA3ADAAOAA2ADMAMQAzADYAMAAwACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3365 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=26997714-774f-4f72-af95-68761dfd117e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAMwAuADUANAAtADIANwA4ADgANwA3ADAAOAA2ADMAMQAzADYAMAAwACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3364 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=26997714-774f-4f72-af95-68761dfd117e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAMwAuADUANAAtADIANwA4ADgANwA3ADAAOAA2ADMAMQAzADYAMAAwACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3363 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=26997714-774f-4f72-af95-68761dfd117e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAMwAuADUANAAtADIANwA4ADgANwA3ADAAOAA2ADMAMQAzADYAMAAwACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3362 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=971a1585-8436-4930-a6c7-b8f1a7263f65
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABjAEEATQB3AEEAdQBBAEQAVQBBAE4AQQBBAHQAQQBEAEkAQQBOAHcAQQA0AEEARABnAEEATgB3AEEAMwBBAEQAQQBBAE8AQQBBADIAQQBEAE0AQQBNAFEAQQB6AEEARABZAEEATQBBAEEAdwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=94db3ddb-be51-44ed-863f-ee7e71810adc
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3361 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=971a1585-8436-4930-a6c7-b8f1a7263f65
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABjAEEATQB3AEEAdQBBAEQAVQBBAE4AQQBBAHQAQQBEAEkAQQBOAHcAQQA0AEEARABnAEEATgB3AEEAMwBBAEQAQQBBAE8AQQBBADIAQQBEAE0AQQBNAFEAQQB6AEEARABZAEEATQBBAEEAdwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3360 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=971a1585-8436-4930-a6c7-b8f1a7263f65
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABjAEEATQB3AEEAdQBBAEQAVQBBAE4AQQBBAHQAQQBEAEkAQQBOAHcAQQA0AEEARABnAEEATgB3AEEAMwBBAEQAQQBBAE8AQQBBADIAQQBEAE0AQQBNAFEAQQB6AEEARABZAEEATQBBAEEAdwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3359 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=971a1585-8436-4930-a6c7-b8f1a7263f65
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABjAEEATQB3AEEAdQBBAEQAVQBBAE4AQQBBAHQAQQBEAEkAQQBOAHcAQQA0AEEARABnAEEATgB3AEEAMwBBAEQAQQBBAE8AQQBBADIAQQBEAE0AQQBNAFEAQQB6AEEARABZAEEATQBBAEEAdwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3358 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=971a1585-8436-4930-a6c7-b8f1a7263f65
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABjAEEATQB3AEEAdQBBAEQAVQBBAE4AQQBBAHQAQQBEAEkAQQBOAHcAQQA0AEEARABnAEEATgB3AEEAMwBBAEQAQQBBAE8AQQBBADIAQQBEAE0AQQBNAFEAQQB6AEEARABZAEEATQBBAEEAdwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3357 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=971a1585-8436-4930-a6c7-b8f1a7263f65
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABjAEEATQB3AEEAdQBBAEQAVQBBAE4AQQBBAHQAQQBEAEkAQQBOAHcAQQA0AEEARABnAEEATgB3AEEAMwBBAEQAQQBBAE8AQQBBADIAQQBEAE0AQQBNAFEAQQB6AEEARABZAEEATQBBAEEAdwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3356 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=971a1585-8436-4930-a6c7-b8f1a7263f65
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBPAFEAQQAyAEEARABjAEEATQB3AEEAdQBBAEQAVQBBAE4AQQBBAHQAQQBEAEkAQQBOAHcAQQA0AEEARABnAEEATgB3AEEAMwBBAEQAQQBBAE8AQQBBADIAQQBEAE0AQQBNAFEAQQB6AEEARABZAEEATQBBAEEAdwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3355 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8bd08fb7-a00a-4c0d-b05b-bade93a94fd6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=e0f9dabc-6be4-4210-8181-5c97b6718592
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3354 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=13ad2d8b-a9b9-4e12-9612-e71fb75e32ae
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=99f8adcb-2ac6-4385-8a7e-ff1bd1e10577
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3353 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=13ad2d8b-a9b9-4e12-9612-e71fb75e32ae
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3352 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=13ad2d8b-a9b9-4e12-9612-e71fb75e32ae
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3351 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=13ad2d8b-a9b9-4e12-9612-e71fb75e32ae
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3350 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=13ad2d8b-a9b9-4e12-9612-e71fb75e32ae
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3349 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=13ad2d8b-a9b9-4e12-9612-e71fb75e32ae
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3348 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=13ad2d8b-a9b9-4e12-9612-e71fb75e32ae
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3347 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=13ad2d8b-a9b9-4e12-9612-e71fb75e32ae
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3346 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=13ad2d8b-a9b9-4e12-9612-e71fb75e32ae
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3345 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8bd08fb7-a00a-4c0d-b05b-bade93a94fd6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=e0f9dabc-6be4-4210-8181-5c97b6718592
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3344 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8bd08fb7-a00a-4c0d-b05b-bade93a94fd6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3343 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8bd08fb7-a00a-4c0d-b05b-bade93a94fd6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3342 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8bd08fb7-a00a-4c0d-b05b-bade93a94fd6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3341 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8bd08fb7-a00a-4c0d-b05b-bade93a94fd6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3340 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8bd08fb7-a00a-4c0d-b05b-bade93a94fd6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3339 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8bd08fb7-a00a-4c0d-b05b-bade93a94fd6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3338 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3ec5425-7fba-4d53-a6cf-c8bbe52adccf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAMwAuADUANAAtADIANwA4ADgANwA3ADAAOAA2ADMAMQAzADYAMAAwAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=b8038334-d432-43f1-8475-4062340ee842
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3337 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3ec5425-7fba-4d53-a6cf-c8bbe52adccf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAMwAuADUANAAtADIANwA4ADgANwA3ADAAOAA2ADMAMQAzADYAMAAwAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=b8038334-d432-43f1-8475-4062340ee842
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3336 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3ec5425-7fba-4d53-a6cf-c8bbe52adccf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAMwAuADUANAAtADIANwA4ADgANwA3ADAAOAA2ADMAMQAzADYAMAAwAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3335 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3ec5425-7fba-4d53-a6cf-c8bbe52adccf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAMwAuADUANAAtADIANwA4ADgANwA3ADAAOAA2ADMAMQAzADYAMAAwAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3334 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3ec5425-7fba-4d53-a6cf-c8bbe52adccf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAMwAuADUANAAtADIANwA4ADgANwA3ADAAOAA2ADMAMQAzADYAMAAwAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3333 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3ec5425-7fba-4d53-a6cf-c8bbe52adccf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAMwAuADUANAAtADIANwA4ADgANwA3ADAAOAA2ADMAMQAzADYAMAAwAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3332 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3ec5425-7fba-4d53-a6cf-c8bbe52adccf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAMwAuADUANAAtADIANwA4ADgANwA3ADAAOAA2ADMAMQAzADYAMAAwAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3331 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3ec5425-7fba-4d53-a6cf-c8bbe52adccf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMAOQA2ADcAMwAuADUANAAtADIANwA4ADgANwA3ADAAOAA2ADMAMQAzADYAMAAwAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3330 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=49b60081-6d73-4575-a6ef-56cb9ee99cec
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d85527de-813a-4dcf-8a48-daadad64dd4c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3329 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2dbe8422-697d-4153-bfbe-e5bbdb084b3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=a785ba24-b2ed-4dc1-8eb1-2d61df91a050
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3328 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2dbe8422-697d-4153-bfbe-e5bbdb084b3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3327 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2dbe8422-697d-4153-bfbe-e5bbdb084b3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3326 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2dbe8422-697d-4153-bfbe-e5bbdb084b3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3325 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2dbe8422-697d-4153-bfbe-e5bbdb084b3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3324 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2dbe8422-697d-4153-bfbe-e5bbdb084b3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3323 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2dbe8422-697d-4153-bfbe-e5bbdb084b3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3322 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2dbe8422-697d-4153-bfbe-e5bbdb084b3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3321 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2dbe8422-697d-4153-bfbe-e5bbdb084b3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3320 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=49b60081-6d73-4575-a6ef-56cb9ee99cec
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d85527de-813a-4dcf-8a48-daadad64dd4c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3319 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=49b60081-6d73-4575-a6ef-56cb9ee99cec
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3318 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=49b60081-6d73-4575-a6ef-56cb9ee99cec
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3317 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=49b60081-6d73-4575-a6ef-56cb9ee99cec
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3316 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=49b60081-6d73-4575-a6ef-56cb9ee99cec
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3315 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=49b60081-6d73-4575-a6ef-56cb9ee99cec
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3314 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=49b60081-6d73-4575-a6ef-56cb9ee99cec
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3313 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a5bb88b2-a9eb-4177-b8dc-6ced1ecfa3b9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBOAHcAQQB6AEEAQwA0AEEATgBRAEEAMABBAEMAMABBAE0AZwBBADMAQQBEAGcAQQBPAEEAQQAzAEEARABjAEEATQBBAEEANABBAEQAWQBBAE0AdwBBAHgAQQBEAE0AQQBOAGcAQQB3AEEARABBAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=56b98cd2-3f81-41fd-9888-77fdabffa087
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3312 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0eaf3552-36e9-40cc-8e8c-421d1c1b7b95
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYANwAzAC4ANQA0AC0AMgA3ADgAOAA3ADcAMAA4ADYAMwAxADMANgAwADAAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=9f8208b7-28a8-4ea5-98c1-4ac5f4e0f9f5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3311 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0eaf3552-36e9-40cc-8e8c-421d1c1b7b95
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYANwAzAC4ANQA0AC0AMgA3ADgAOAA3ADcAMAA4ADYAMwAxADMANgAwADAAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=9f8208b7-28a8-4ea5-98c1-4ac5f4e0f9f5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3310 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0eaf3552-36e9-40cc-8e8c-421d1c1b7b95
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYANwAzAC4ANQA0AC0AMgA3ADgAOAA3ADcAMAA4ADYAMwAxADMANgAwADAAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3309 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0eaf3552-36e9-40cc-8e8c-421d1c1b7b95
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYANwAzAC4ANQA0AC0AMgA3ADgAOAA3ADcAMAA4ADYAMwAxADMANgAwADAAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3308 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0eaf3552-36e9-40cc-8e8c-421d1c1b7b95
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYANwAzAC4ANQA0AC0AMgA3ADgAOAA3ADcAMAA4ADYAMwAxADMANgAwADAAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3307 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0eaf3552-36e9-40cc-8e8c-421d1c1b7b95
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYANwAzAC4ANQA0AC0AMgA3ADgAOAA3ADcAMAA4ADYAMwAxADMANgAwADAAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3306 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0eaf3552-36e9-40cc-8e8c-421d1c1b7b95
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYANwAzAC4ANQA0AC0AMgA3ADgAOAA3ADcAMAA4ADYAMwAxADMANgAwADAAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3305 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0eaf3552-36e9-40cc-8e8c-421d1c1b7b95
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA5ADYANwAzAC4ANQA0AC0AMgA3ADgAOAA3ADcAMAA4ADYAMwAxADMANgAwADAAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3304 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a5bb88b2-a9eb-4177-b8dc-6ced1ecfa3b9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBOAHcAQQB6AEEAQwA0AEEATgBRAEEAMABBAEMAMABBAE0AZwBBADMAQQBEAGcAQQBPAEEAQQAzAEEARABjAEEATQBBAEEANABBAEQAWQBBAE0AdwBBAHgAQQBEAE0AQQBOAGcAQQB3AEEARABBAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=56b98cd2-3f81-41fd-9888-77fdabffa087
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3303 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a5bb88b2-a9eb-4177-b8dc-6ced1ecfa3b9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBOAHcAQQB6AEEAQwA0AEEATgBRAEEAMABBAEMAMABBAE0AZwBBADMAQQBEAGcAQQBPAEEAQQAzAEEARABjAEEATQBBAEEANABBAEQAWQBBAE0AdwBBAHgAQQBEAE0AQQBOAGcAQQB3AEEARABBAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3302 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a5bb88b2-a9eb-4177-b8dc-6ced1ecfa3b9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBOAHcAQQB6AEEAQwA0AEEATgBRAEEAMABBAEMAMABBAE0AZwBBADMAQQBEAGcAQQBPAEEAQQAzAEEARABjAEEATQBBAEEANABBAEQAWQBBAE0AdwBBAHgAQQBEAE0AQQBOAGcAQQB3AEEARABBAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3301 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a5bb88b2-a9eb-4177-b8dc-6ced1ecfa3b9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBOAHcAQQB6AEEAQwA0AEEATgBRAEEAMABBAEMAMABBAE0AZwBBADMAQQBEAGcAQQBPAEEAQQAzAEEARABjAEEATQBBAEEANABBAEQAWQBBAE0AdwBBAHgAQQBEAE0AQQBOAGcAQQB3AEEARABBAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3300 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a5bb88b2-a9eb-4177-b8dc-6ced1ecfa3b9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBOAHcAQQB6AEEAQwA0AEEATgBRAEEAMABBAEMAMABBAE0AZwBBADMAQQBEAGcAQQBPAEEAQQAzAEEARABjAEEATQBBAEEANABBAEQAWQBBAE0AdwBBAHgAQQBEAE0AQQBOAGcAQQB3AEEARABBAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3299 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a5bb88b2-a9eb-4177-b8dc-6ced1ecfa3b9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBOAHcAQQB6AEEAQwA0AEEATgBRAEEAMABBAEMAMABBAE0AZwBBADMAQQBEAGcAQQBPAEEAQQAzAEEARABjAEEATQBBAEEANABBAEQAWQBBAE0AdwBBAHgAQQBEAE0AQQBOAGcAQQB3AEEARABBAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3298 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a5bb88b2-a9eb-4177-b8dc-6ced1ecfa3b9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADUAQQBEAFkAQQBOAHcAQQB6AEEAQwA0AEEATgBRAEEAMABBAEMAMABBAE0AZwBBADMAQQBEAGcAQQBPAEEAQQAzAEEARABjAEEATQBBAEEANABBAEQAWQBBAE0AdwBBAHgAQQBEAE0AQQBOAGcAQQB3AEEARABBAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3297 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=36
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f73cf9ff-4436-4056-b3f9-35090750b52a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=6e35c6ef-d1fe-4137-8a5f-0d94f1297dac
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3296 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -AssemblyName System.DirectoryServices.AccountManagement
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=34
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7b8074e4-671b-48b9-ae8e-ea00902cf005
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b343d4e2-2302-42cc-a968-c30713451898
PipelineId=5
ScriptName=
CommandLine= Add-Type -AssemblyName System.DirectoryServices.AccountManagement
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="AssemblyName"; value="System.DirectoryServices.AccountManagement"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 3295 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:29 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7b8074e4-671b-48b9-ae8e-ea00902cf005
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b343d4e2-2302-42cc-a968-c30713451898
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3294 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7b8074e4-671b-48b9-ae8e-ea00902cf005
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3293 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7b8074e4-671b-48b9-ae8e-ea00902cf005
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3292 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7b8074e4-671b-48b9-ae8e-ea00902cf005
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3291 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7b8074e4-671b-48b9-ae8e-ea00902cf005
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3290 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7b8074e4-671b-48b9-ae8e-ea00902cf005
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3289 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7b8074e4-671b-48b9-ae8e-ea00902cf005
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3288 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7b8074e4-671b-48b9-ae8e-ea00902cf005
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3287 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7b8074e4-671b-48b9-ae8e-ea00902cf005
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3286 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f73cf9ff-4436-4056-b3f9-35090750b52a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=6e35c6ef-d1fe-4137-8a5f-0d94f1297dac
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3285 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f73cf9ff-4436-4056-b3f9-35090750b52a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3284 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f73cf9ff-4436-4056-b3f9-35090750b52a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3283 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f73cf9ff-4436-4056-b3f9-35090750b52a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3282 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f73cf9ff-4436-4056-b3f9-35090750b52a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3281 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f73cf9ff-4436-4056-b3f9-35090750b52a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3280 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f73cf9ff-4436-4056-b3f9-35090750b52a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3279 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:34:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=12d9044e-3a8f-42fe-807d-808b217b0d28
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7b8c1220-efad-440f-b475-5dc004c7d5da
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3278 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:21:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b0921144-0c2d-4f19-af16-f36c8cffa1d3
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAGUAdQB0AHIAbwBuAC0AaAB5AHAAZQByAHYALQBhAGcAZQBuAHQAIAB8ACAAJQB7ACQAXwAuAFMAdABhAHQAdQBzAH0A
EngineVersion=5.1.14393.1944
RunspaceId=278acb9e-0b24-4931-87df-09d52d175a79
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3277 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:21:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b0921144-0c2d-4f19-af16-f36c8cffa1d3
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAGUAdQB0AHIAbwBuAC0AaAB5AHAAZQByAHYALQBhAGcAZQBuAHQAIAB8ACAAJQB7ACQAXwAuAFMAdABhAHQAdQBzAH0A
EngineVersion=5.1.14393.1944
RunspaceId=278acb9e-0b24-4931-87df-09d52d175a79
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3276 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:21:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b0921144-0c2d-4f19-af16-f36c8cffa1d3
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAGUAdQB0AHIAbwBuAC0AaAB5AHAAZQByAHYALQBhAGcAZQBuAHQAIAB8ACAAJQB7ACQAXwAuAFMAdABhAHQAdQBzAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3275 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:21:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b0921144-0c2d-4f19-af16-f36c8cffa1d3
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAGUAdQB0AHIAbwBuAC0AaAB5AHAAZQByAHYALQBhAGcAZQBuAHQAIAB8ACAAJQB7ACQAXwAuAFMAdABhAHQAdQBzAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3274 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:21:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b0921144-0c2d-4f19-af16-f36c8cffa1d3
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAGUAdQB0AHIAbwBuAC0AaAB5AHAAZQByAHYALQBhAGcAZQBuAHQAIAB8ACAAJQB7ACQAXwAuAFMAdABhAHQAdQBzAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3273 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:21:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b0921144-0c2d-4f19-af16-f36c8cffa1d3
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAGUAdQB0AHIAbwBuAC0AaAB5AHAAZQByAHYALQBhAGcAZQBuAHQAIAB8ACAAJQB7ACQAXwAuAFMAdABhAHQAdQBzAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3272 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:21:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b0921144-0c2d-4f19-af16-f36c8cffa1d3
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAGUAdQB0AHIAbwBuAC0AaAB5AHAAZQByAHYALQBhAGcAZQBuAHQAIAB8ACAAJQB7ACQAXwAuAFMAdABhAHQAdQBzAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3271 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:21:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b0921144-0c2d-4f19-af16-f36c8cffa1d3
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAGUAdQB0AHIAbwBuAC0AaAB5AHAAZQByAHYALQBhAGcAZQBuAHQAIAB8ACAAJQB7ACQAXwAuAFMAdABhAHQAdQBzAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3270 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:21:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=9a9cd55e-e897-427f-9d26-7e22c056d4a6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=c8f17465-b910-48b9-b354-4225c1212a17
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 3269 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:21:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=9a9cd55e-e897-427f-9d26-7e22c056d4a6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=c8f17465-b910-48b9-b354-4225c1212a17
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3268 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=9a9cd55e-e897-427f-9d26-7e22c056d4a6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3267 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=9a9cd55e-e897-427f-9d26-7e22c056d4a6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3266 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=9a9cd55e-e897-427f-9d26-7e22c056d4a6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3265 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=9a9cd55e-e897-427f-9d26-7e22c056d4a6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3264 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=9a9cd55e-e897-427f-9d26-7e22c056d4a6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3263 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=9a9cd55e-e897-427f-9d26-7e22c056d4a6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3262 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=9a9cd55e-e897-427f-9d26-7e22c056d4a6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3261 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=9a9cd55e-e897-427f-9d26-7e22c056d4a6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3260 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=12d9044e-3a8f-42fe-807d-808b217b0d28
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7b8c1220-efad-440f-b475-5dc004c7d5da
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3259 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=12d9044e-3a8f-42fe-807d-808b217b0d28
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3258 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=12d9044e-3a8f-42fe-807d-808b217b0d28
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3257 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=12d9044e-3a8f-42fe-807d-808b217b0d28
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3256 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=12d9044e-3a8f-42fe-807d-808b217b0d28
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3255 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=12d9044e-3a8f-42fe-807d-808b217b0d28
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3254 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=12d9044e-3a8f-42fe-807d-808b217b0d28
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3253 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=37
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=310db346-74f7-41c8-b8ed-f3fe342cf71a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=6ac864a0-218a-4d1c-be41-7d5e02af5691
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3252 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $platform_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=35
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=67a49680-37a1-42da-b969-22889ed55a18
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=e9256505-c150-47dd-87ed-829aaaf56770
PipelineId=8
ScriptName=
CommandLine= Add-Type -TypeDefinition $platform_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.InteropServices;
using System.Security.Principal;
using System.Text;
namespace Ansible.PrivilegeUtil
{
[Flags]
public enum PrivilegeAttributes : uint
{
Disabled = 0x00000000,
EnabledByDefault = 0x00000001,
Enabled = 0x00000002,
Removed = 0x00000004,
UsedForAccess = 0x80000000,
}
internal class NativeHelpers
{
[StructLayout(LayoutKind.Sequential)]
internal struct LUID
{
public UInt32 LowPart;
public Int32 HighPart;
}
[StructLayout(LayoutKind.Sequential)]
internal struct LUID_AND_ATTRIBUTES
{
public LUID Luid;
public PrivilegeAttributes Attributes;
}
[StructLayout(LayoutKind.Sequential)]
internal struct TOKEN_PRIVILEGES
{
public UInt32 PrivilegeCount;
[MarshalAs(UnmanagedType.ByValArray, SizeConst = 1)]
public LUID_AND_ATTRIBUTES[] Privileges;
}
}
internal class NativeMethods
{
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool AdjustTokenPrivileges(
IntPtr TokenHandle,
[MarshalAs(UnmanagedType.Bool)] bool DisableAllPrivileges,
IntPtr NewState,
UInt32 BufferLength,
IntPtr PreviousState,
out UInt32 ReturnLength);
[DllImport("kernel32.dll")]
internal static extern bool CloseHandle(
IntPtr hObject);
[DllImport("kernel32")]
internal static extern SafeWaitHandle GetCurrentProcess();
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool GetTokenInformation(
IntPtr TokenHandle,
UInt32 TokenInformationClass,
IntPtr TokenInformation,
UInt32 TokenInformationLength,
out UInt32 ReturnLength);
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
internal static extern bool LookupPrivilegeName(
string lpSystemName,
ref NativeHelpers.LUID lpLuid,
StringBuilder lpName,
ref UInt32 cchName);
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
internal static extern bool LookupPrivilegeValue(
string lpSystemName,
string lpName,
out NativeHelpers.LUID lpLuid);
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool OpenProcessToken(
SafeHandle ProcessHandle,
TokenAccessLevels DesiredAccess,
out IntPtr TokenHandle);
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class Privileges
{
private static readonly UInt32 TOKEN_PRIVILEGES = 3;
public static bool CheckPrivilegeName(string name)
{
NativeHelpers.LUID luid;
if (!NativeMethods.LookupPrivilegeValue(null, name, out luid))
{
int errCode = Marshal.GetLastWin32Error();
if (errCode != 1313) // ERROR_NO_SUCH_PRIVILEGE
throw new Win32Exception(errCode, String.Format("LookupPrivilegeValue({0}) failed", name));
return false;
}
else
{
return true;
}
}
public static Dictionary<string, bool?> DisablePrivilege(SafeHandle token, string privilege)
{
return SetTokenPrivileges(token, new Dictionary<string, bool?>() { { privilege, false } });
}
public static Dictionary<string, bool?> DisableAllPrivileges(SafeHandle token)
{
return AdjustTokenPrivileges(token, null);
}
public static Dictionary<string, bool?> EnablePrivilege(SafeHandle token, string privilege)
{
return SetTokenPrivileges(token, new Dictionary<string, bool?>() { { privilege, true } });
}
public static Dictionary<String, PrivilegeAttributes> GetAllPrivilegeInfo(SafeHandle token)
{
IntPtr hToken = IntPtr.Zero;
if (!NativeMethods.OpenProcessToken(token, TokenAccessLevels.Query, out hToken))
throw new Win32Exception("OpenProcessToken() failed");
Dictionary<String, PrivilegeAttributes> info = new Dictionary<String, PrivilegeAttributes>();
try
{
UInt32 tokenLength = 0;
NativeMethods.GetTokenInformation(hToken, TOKEN_PRIVILEGES, IntPtr.Zero, 0, out tokenLength);
NativeHelpers.LUID_AND_ATTRIBUTES[] privileges;
IntPtr privilegesPtr = Marshal.AllocHGlobal((int)tokenLength);
try
{
if (!NativeMethods.GetTokenInformation(hToken, TOKEN_PRIVILEGES, privilegesPtr, tokenLength, out tokenLength))
throw new Win32Exception("GetTokenInformation() for TOKEN_PRIVILEGES failed");
NativeHelpers.TOKEN_PRIVILEGES privilegeInfo = (NativeHelpers.TOKEN_PRIVILEGES)Marshal.PtrToStructure(privilegesPtr, typeof(NativeHelpers.TOKEN_PRIVILEGES));
privileges = new NativeHelpers.LUID_AND_ATTRIBUTES[privilegeInfo.PrivilegeCount];
PtrToStructureArray(privileges, IntPtr.Add(privilegesPtr, Marshal.SizeOf(privilegeInfo.PrivilegeCount)));
}
finally
{
Marshal.FreeHGlobal(privilegesPtr);
}
info = privileges.ToDictionary(p => GetPrivilegeName(p.Luid), p => p.Attributes);
}
finally
{
NativeMethods.CloseHandle(hToken);
}
return info;
}
public static SafeWaitHandle GetCurrentProcess()
{
return NativeMethods.GetCurrentProcess();
}
public static void RemovePrivilege(SafeHandle token, string privilege)
{
SetTokenPrivileges(token, new Dictionary<string, bool?>() { { privilege, null } });
}
public static Dictionary<string, bool?> SetTokenPrivileges(SafeHandle token, Dictionary<string, bool?> state)
{
NativeHelpers.LUID_AND_ATTRIBUTES[] privilegeAttr = new NativeHelpers.LUID_AND_ATTRIBUTES[state.Count];
int i = 0;
foreach (KeyValuePair<string, bool?> entry in state)
{
NativeHelpers.LUID luid;
if (!NativeMethods.LookupPrivilegeValue(null, entry.Key, out luid))
throw new Win32Exception(String.Format("LookupPrivilegeValue({0}) failed", entry.Key));
PrivilegeAttributes attributes;
switch (entry.Value)
{
case true:
attributes = PrivilegeAttributes.Enabled;
break;
case false:
attributes = PrivilegeAttributes.Disabled;
break;
default:
attributes = PrivilegeAttributes.Removed;
break;
}
privilegeAttr[i].Luid = luid;
privilegeAttr[i].Attributes = attributes;
i++;
}
return AdjustTokenPrivileges(token, privilegeAttr);
}
private static Dictionary<string, bool?> AdjustTokenPrivileges(SafeHandle token, NativeHelpers.LUID_AND_ATTRIBUTES[] newState)
{
bool disableAllPrivileges;
IntPtr newStatePtr;
NativeHelpers.LUID_AND_ATTRIBUTES[] oldStatePrivileges;
UInt32 returnLength;
if (newState == null)
{
disableAllPrivileges = true;
newStatePtr = IntPtr.Zero;
}
else
{
disableAllPrivileges = false;
// Need to manually marshal the bytes requires for newState as the constant size
// of LUID_AND_ATTRIBUTES is set to 1 and can't be overridden at runtime, TOKEN_PRIVILEGES
// always contains at least 1 entry so we need to calculate the extra size if there are
// nore than 1 LUID_AND_ATTRIBUTES entry
int tokenPrivilegesSize = Marshal.SizeOf(typeof(NativeHelpers.TOKEN_PRIVILEGES));
int luidAttrSize = 0;
if (newState.Length > 1)
luidAttrSize = Marshal.SizeOf(typeof(NativeHelpers.LUID_AND_ATTRIBUTES)) * (newState.Length - 1);
int totalSize = tokenPrivilegesSize + luidAttrSize;
byte[] newStateBytes = new byte[totalSize];
// get the first entry that includes the struct details
NativeHelpers.TOKEN_PRIVILEGES tokenPrivileges = new NativeHelpers.TOKEN_PRIVILEGES()
{
PrivilegeCount = (UInt32)newState.Length,
Privileges = new NativeHelpers.LUID_AND_ATTRIBUTES[1],
};
if (newState.Length > 0)
tokenPrivileges.Privileges[0] = newState[0];
int offset = StructureToBytes(tokenPrivileges, newStateBytes, 0);
// copy the remaining LUID_AND_ATTRIBUTES (if any)
for (int i = 1; i < newState.Length; i++)
offset += StructureToBytes(newState[i], newStateBytes, offset);
// finally create the pointer to the byte array we just created
newStatePtr = Marshal.AllocHGlobal(newStateBytes.Length);
Marshal.Copy(newStateBytes, 0, newStatePtr, newStateBytes.Length);
}
try
{
IntPtr hToken = IntPtr.Zero;
if (!NativeMethods.OpenProcessToken(token, TokenAccessLevels.Query | TokenAccessLevels.AdjustPrivileges, out hToken))
throw new Win32Exception("OpenProcessToken() failed with Query and AdjustPrivileges");
try
{
IntPtr oldStatePtr = Marshal.AllocHGlobal(0);
if (!NativeMethods.AdjustTokenPrivileges(hToken, disableAllPrivileges, newStatePtr, 0, oldStatePtr, out returnLength))
{
int errCode = Marshal.GetLastWin32Error();
if (errCode != 122) // ERROR_INSUFFICIENT_BUFFER
throw new Win32Exception(errCode, "AdjustTokenPrivileges() failed to get old state size");
}
// resize the oldStatePtr based on the length returned from Windows
Marshal.FreeHGlobal(oldStatePtr);
oldStatePtr = Marshal.AllocHGlobal((int)returnLength);
try
{
bool res = NativeMethods.AdjustTokenPrivileges(hToken, disableAllPrivileges, newStatePtr, returnLength, oldStatePtr, out returnLength);
int errCode = Marshal.GetLastWin32Error();
// even when res == true, ERROR_NOT_ALL_ASSIGNED may be set as the last error code
if (!res || errCode != 0)
throw new Win32Exception(errCode, "AdjustTokenPrivileges() failed");
// Marshal the oldStatePtr to the struct
NativeHelpers.TOKEN_PRIVILEGES oldState = (NativeHelpers.TOKEN_PRIVILEGES)Marshal.PtrToStructure(oldStatePtr, typeof(NativeHelpers.TOKEN_PRIVILEGES));
oldStatePrivileges = new NativeHelpers.LUID_AND_ATTRIBUTES[oldState.PrivilegeCount];
PtrToStructureArray(oldStatePrivileges, IntPtr.Add(oldStatePtr, Marshal.SizeOf(oldState.PrivilegeCount)));
}
finally
{
Marshal.FreeHGlobal(oldStatePtr);
}
}
finally
{
NativeMethods.CloseHandle(hToken);
}
}
finally
{
if (newStatePtr != IntPtr.Zero)
Marshal.FreeHGlobal(newStatePtr);
}
return oldStatePrivileges.ToDictionary(p => GetPrivilegeName(p.Luid), p => (bool?)p.Attributes.HasFlag(PrivilegeAttributes.Enabled));
}
private static string GetPrivilegeName(NativeHelpers.LUID luid)
{
UInt32 nameLen = 0;
NativeMethods.LookupPrivilegeName(null, ref luid, null, ref nameLen);
StringBuilder name = new StringBuilder((int)(nameLen + 1));
if (!NativeMethods.LookupPrivilegeName(null, ref luid, name, ref nameLen))
throw new Win32Exception("LookupPrivilegeName() failed");
return name.ToString();
}
private static void PtrToStructureArray<T>(T[] array, IntPtr ptr)
{
IntPtr ptrOffset = ptr;
for (int i = 0; i < array.Length; i++, ptrOffset = IntPtr.Add(ptrOffset, Marshal.SizeOf(typeof(T))))
array[i] = (T)Marshal.PtrToStructure(ptrOffset, typeof(T));
}
private static int StructureToBytes<T>(T structure, byte[] array, int offset)
{
int size = Marshal.SizeOf(structure);
IntPtr structPtr = Marshal.AllocHGlobal(size);
try
{
Marshal.StructureToPtr(structure, structPtr, false);
Marshal.Copy(structPtr, array, offset, size);
}
finally
{
Marshal.FreeHGlobal(structPtr);
}
return size;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 3251 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $link_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=67a49680-37a1-42da-b969-22889ed55a18
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=e9256505-c150-47dd-87ed-829aaaf56770
PipelineId=8
ScriptName=
CommandLine= Add-Type -TypeDefinition $link_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections.Generic;
using System.IO;
using System.Runtime.InteropServices;
using System.Text;
namespace Ansible
{
public enum LinkType
{
SymbolicLink,
JunctionPoint,
HardLink
}
public class LinkUtilWin32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public LinkUtilWin32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public LinkUtilWin32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator LinkUtilWin32Exception(string message) { return new LinkUtilWin32Exception(message); }
}
public class LinkInfo
{
public LinkType Type { get; internal set; }
public string PrintName { get; internal set; }
public string SubstituteName { get; internal set; }
public string AbsolutePath { get; internal set; }
public string TargetPath { get; internal set; }
public string[] HardTargets { get; internal set; }
}
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
public struct REPARSE_DATA_BUFFER
{
public UInt32 ReparseTag;
public UInt16 ReparseDataLength;
public UInt16 Reserved;
public UInt16 SubstituteNameOffset;
public UInt16 SubstituteNameLength;
public UInt16 PrintNameOffset;
public UInt16 PrintNameLength;
[MarshalAs(UnmanagedType.ByValArray, SizeConst = LinkUtil.MAXIMUM_REPARSE_DATA_BUFFER_SIZE)]
public char[] PathBuffer;
}
public class LinkUtil
{
public const int MAXIMUM_REPARSE_DATA_BUFFER_SIZE = 1024 * 16;
private const UInt32 FILE_FLAG_BACKUP_SEMANTICS = 0x02000000;
private const UInt32 FILE_FLAG_OPEN_REPARSE_POINT = 0x00200000;
private const UInt32 FSCTL_GET_REPARSE_POINT = 0x000900A8;
private const UInt32 FSCTL_SET_REPARSE_POINT = 0x000900A4;
private const UInt32 FILE_DEVICE_FILE_SYSTEM = 0x00090000;
private const UInt32 IO_REPARSE_TAG_MOUNT_POINT = 0xA0000003;
private const UInt32 IO_REPARSE_TAG_SYMLINK = 0xA000000C;
private const UInt32 SYMLINK_FLAG_RELATIVE = 0x00000001;
private const Int64 INVALID_HANDLE_VALUE = -1;
private const UInt32 SIZE_OF_WCHAR = 2;
private const UInt32 SYMBOLIC_LINK_FLAG_FILE = 0x00000000;
private const UInt32 SYMBOLIC_LINK_FLAG_DIRECTORY = 0x00000001;
[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
private static extern SafeFileHandle CreateFile(
string lpFileName,
[MarshalAs(UnmanagedType.U4)] FileAccess dwDesiredAccess,
[MarshalAs(UnmanagedType.U4)] FileShare dwShareMode,
IntPtr lpSecurityAttributes,
[MarshalAs(UnmanagedType.U4)] FileMode dwCreationDisposition,
UInt32 dwFlagsAndAttributes,
IntPtr hTemplateFile);
// Used by GetReparsePointInfo()
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool DeviceIoControl(
SafeFileHandle hDevice,
UInt32 dwIoControlCode,
IntPtr lpInBuffer,
UInt32 nInBufferSize,
out REPARSE_DATA_BUFFER lpOutBuffer,
UInt32 nOutBufferSize,
out UInt32 lpBytesReturned,
IntPtr lpOverlapped);
// Used by CreateJunctionPoint()
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool DeviceIoControl(
SafeFileHandle hDevice,
UInt32 dwIoControlCode,
REPARSE_DATA_BUFFER lpInBuffer,
UInt32 nInBufferSize,
IntPtr lpOutBuffer,
UInt32 nOutBufferSize,
out UInt32 lpBytesReturned,
IntPtr lpOverlapped);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool GetVolumePathName(
string lpszFileName,
StringBuilder lpszVolumePathName,
ref UInt32 cchBufferLength);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern IntPtr FindFirstFileNameW(
string lpFileName,
UInt32 dwFlags,
ref UInt32 StringLength,
StringBuilder LinkName);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool FindNextFileNameW(
IntPtr hFindStream,
ref UInt32 StringLength,
StringBuilder LinkName);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool FindClose(
IntPtr hFindFile);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool RemoveDirectory(
string lpPathName);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool DeleteFile(
string lpFileName);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool CreateSymbolicLink(
string lpSymlinkFileName,
string lpTargetFileName,
UInt32 dwFlags);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool CreateHardLink(
string lpFileName,
string lpExistingFileName,
IntPtr lpSecurityAttributes);
public static LinkInfo GetLinkInfo(string linkPath)
{
FileAttributes attr = File.GetAttributes(linkPath);
if (attr.HasFlag(FileAttributes.ReparsePoint))
return GetReparsePointInfo(linkPath);
if (!attr.HasFlag(FileAttributes.Directory))
return GetHardLinkInfo(linkPath);
return null;
}
public static void DeleteLink(string linkPath)
{
bool success;
FileAttributes attr = File.GetAttributes(linkPath);
if (attr.HasFlag(FileAttributes.Directory))
{
success = RemoveDirectory(linkPath);
}
else
{
success = DeleteFile(linkPath);
}
if (!success)
throw new LinkUtilWin32Exception(String.Format("Failed to delete link at {0}", linkPath));
}
public static void CreateLink(string linkPath, String linkTarget, LinkType linkType)
{
switch (linkType)
{
case LinkType.SymbolicLink:
UInt32 linkFlags;
FileAttributes attr = File.GetAttributes(linkTarget);
if (attr.HasFlag(FileAttributes.Directory))
linkFlags = SYMBOLIC_LINK_FLAG_DIRECTORY;
else
linkFlags = SYMBOLIC_LINK_FLAG_FILE;
if (!CreateSymbolicLink(linkPath, linkTarget, linkFlags))
throw new LinkUtilWin32Exception(String.Format("CreateSymbolicLink({0}, {1}, {2}) failed", linkPath, linkTarget, linkFlags));
break;
case LinkType.JunctionPoint:
CreateJunctionPoint(linkPath, linkTarget);
break;
case LinkType.HardLink:
if (!CreateHardLink(linkPath, linkTarget, IntPtr.Zero))
throw new LinkUtilWin32Exception(String.Format("CreateHardLink({0}, {1}) failed", linkPath, linkTarget));
break;
}
}
private static LinkInfo GetHardLinkInfo(string linkPath)
{
UInt32 maxPath = 260;
List<string> result = new List<string>();
StringBuilder sb = new StringBuilder((int)maxPath);
UInt32 stringLength = maxPath;
if (!GetVolumePathName(linkPath, sb, ref stringLength))
throw new LinkUtilWin32Exception("GetVolumePathName() failed");
string volume = sb.ToString();
stringLength = maxPath;
IntPtr findHandle = FindFirstFileNameW(linkPath, 0, ref stringLength, sb);
if (findHandle.ToInt64() != INVALID_HANDLE_VALUE)
{
try
{
do
{
string hardLinkPath = sb.ToString();
if (hardLinkPath.StartsWith("\\"))
hardLinkPath = hardLinkPath.Substring(1, hardLinkPath.Length - 1);
result.Add(Path.Combine(volume, hardLinkPath));
stringLength = maxPath;
} while (FindNextFileNameW(findHandle, ref stringLength, sb));
}
finally
{
FindClose(findHandle);
}
}
if (result.Count > 1)
return new LinkInfo
{
Type = LinkType.HardLink,
HardTargets = result.ToArray()
};
return null;
}
private static LinkInfo GetReparsePointInfo(string linkPath)
{
SafeFileHandle fileHandle = CreateFile(
linkPath,
FileAccess.Read,
FileShare.None,
IntPtr.Zero,
FileMode.Open,
FILE_FLAG_OPEN_REPARSE_POINT | FILE_FLAG_BACKUP_SEMANTICS,
IntPtr.Zero);
if (fileHandle.IsInvalid)
throw new LinkUtilWin32Exception(String.Format("CreateFile({0}) failed", linkPath));
REPARSE_DATA_BUFFER buffer = new REPARSE_DATA_BUFFER();
UInt32 bytesReturned;
try
{
if (!DeviceIoControl(
fileHandle,
FSCTL_GET_REPARSE_POINT,
IntPtr.Zero,
0,
out buffer,
MAXIMUM_REPARSE_DATA_BUFFER_SIZE,
out bytesReturned,
IntPtr.Zero))
throw new LinkUtilWin32Exception(String.Format("DeviceIoControl() failed for file at {0}", linkPath));
}
finally
{
fileHandle.Dispose();
}
bool isRelative = false;
int pathOffset = 0;
LinkType linkType;
if (buffer.ReparseTag == IO_REPARSE_TAG_SYMLINK)
{
UInt32 bufferFlags = Convert.ToUInt32(buffer.PathBuffer[0]) + Convert.ToUInt32(buffer.PathBuffer[1]);
if (bufferFlags == SYMLINK_FLAG_RELATIVE)
isRelative = true;
pathOffset = 2;
linkType = LinkType.SymbolicLink;
}
else if (buffer.ReparseTag == IO_REPARSE_TAG_MOUNT_POINT)
{
linkType = LinkType.JunctionPoint;
}
else
{
string errorMessage = String.Format("Invalid Reparse Tag: {0}", buffer.ReparseTag.ToString());
throw new Exception(errorMessage);
}
string printName = new string(buffer.PathBuffer, (int)(buffer.PrintNameOffset / SIZE_OF_WCHAR) + pathOffset, (int)(buffer.PrintNameLength / SIZE_OF_WCHAR));
string substituteName = new string(buffer.PathBuffer, (int)(buffer.SubstituteNameOffset / SIZE_OF_WCHAR) + pathOffset, (int)(buffer.SubstituteNameLength / SIZE_OF_WCHAR));
// TODO: should we check for \?\UNC\server for convert it to the NT style \\server path
// Remove the leading Windows object directory \?\ from the path if present
string targetPath = substituteName;
if (targetPath.StartsWith("\\??\\"))
targetPath = targetPath.Substring(4, targetPath.Length - 4);
string absolutePath = targetPath;
if (isRelative)
absolutePath = Path.GetFullPath(Path.Combine(new FileInfo(linkPath).Directory.FullName, targetPath));
return new LinkInfo
{
Type = linkType,
PrintName = printName,
SubstituteName = substituteName,
AbsolutePath = absolutePath,
TargetPath = targetPath
};
}
private static void CreateJunctionPoint(string linkPath, string linkTarget)
{
// We need to create the link as a dir beforehand
Directory.CreateDirectory(linkPath);
SafeFileHandle fileHandle = CreateFile(
linkPath,
FileAccess.Write,
FileShare.Read | FileShare.Write | FileShare.None,
IntPtr.Zero,
FileMode.Open,
FILE_FLAG_BACKUP_SEMANTICS | FILE_FLAG_OPEN_REPARSE_POINT,
IntPtr.Zero);
if (fileHandle.IsInvalid)
throw new LinkUtilWin32Exception(String.Format("CreateFile({0}) failed", linkPath));
try
{
string substituteName = "\\??\\" + Path.GetFullPath(linkTarget);
string printName = linkTarget;
REPARSE_DATA_BUFFER buffer = new REPARSE_DATA_BUFFER();
buffer.SubstituteNameOffset = 0;
buffer.SubstituteNameLength = (UInt16)(substituteName.Length * SIZE_OF_WCHAR);
buffer.PrintNameOffset = (UInt16)(buffer.SubstituteNameLength + 2);
buffer.PrintNameLength = (UInt16)(printName.Length * SIZE_OF_WCHAR);
buffer.ReparseTag = IO_REPARSE_TAG_MOUNT_POINT;
buffer.ReparseDataLength = (UInt16)(buffer.SubstituteNameLength + buffer.PrintNameLength + 12);
buffer.PathBuffer = new char[MAXIMUM_REPARSE_DATA_BUFFER_SIZE];
byte[] unicodeBytes = Encoding.Unicode.GetBytes(substituteName + "\0" + printName);
char[] pathBuffer = Encoding.Unicode.GetChars(unicodeBytes);
Array.Copy(pathBuffer, buffer.PathBuffer, pathBuffer.Length);
UInt32 bytesReturned;
if (!DeviceIoControl(
fileHandle,
FSCTL_SET_REPARSE_POINT,
buffer,
(UInt32)(buffer.ReparseDataLength + 8),
IntPtr.Zero, 0,
out bytesReturned,
IntPtr.Zero))
throw new LinkUtilWin32Exception(String.Format("DeviceIoControl() failed to create junction point at {0} to {1}", linkPath, linkTarget));
}
finally
{
fileHandle.Dispose();
}
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 3250 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=67a49680-37a1-42da-b969-22889ed55a18
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=e9256505-c150-47dd-87ed-829aaaf56770
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3249 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=67a49680-37a1-42da-b969-22889ed55a18
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3248 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=67a49680-37a1-42da-b969-22889ed55a18
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3247 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=67a49680-37a1-42da-b969-22889ed55a18
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3246 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=67a49680-37a1-42da-b969-22889ed55a18
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3245 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=67a49680-37a1-42da-b969-22889ed55a18
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3244 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=67a49680-37a1-42da-b969-22889ed55a18
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3243 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=67a49680-37a1-42da-b969-22889ed55a18
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3242 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=67a49680-37a1-42da-b969-22889ed55a18
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3241 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=310db346-74f7-41c8-b8ed-f3fe342cf71a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=6ac864a0-218a-4d1c-be41-7d5e02af5691
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3240 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=310db346-74f7-41c8-b8ed-f3fe342cf71a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3239 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=310db346-74f7-41c8-b8ed-f3fe342cf71a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3238 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=310db346-74f7-41c8-b8ed-f3fe342cf71a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3237 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=310db346-74f7-41c8-b8ed-f3fe342cf71a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3236 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=310db346-74f7-41c8-b8ed-f3fe342cf71a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3235 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=310db346-74f7-41c8-b8ed-f3fe342cf71a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3234 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=43832b60-bb9a-43d0-8685-62f549e62c6d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=524df360-0815-4a40-9a29-c10086f62029
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3233 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4596762-a050-4783-ba74-e65b75122295
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAGUAdQB0AHIAbwBuAC0AaAB5AHAAZQByAHYALQBhAGcAZQBuAHQAIAB8ACAAJQB7ACQAXwAuAFMAdABhAHQAdQBzAH0A
EngineVersion=5.1.14393.1944
RunspaceId=d25b1400-95e9-4a4e-8a0b-b88ba150a8cc
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3232 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4596762-a050-4783-ba74-e65b75122295
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAGUAdQB0AHIAbwBuAC0AaAB5AHAAZQByAHYALQBhAGcAZQBuAHQAIAB8ACAAJQB7ACQAXwAuAFMAdABhAHQAdQBzAH0A
EngineVersion=5.1.14393.1944
RunspaceId=d25b1400-95e9-4a4e-8a0b-b88ba150a8cc
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3231 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4596762-a050-4783-ba74-e65b75122295
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAGUAdQB0AHIAbwBuAC0AaAB5AHAAZQByAHYALQBhAGcAZQBuAHQAIAB8ACAAJQB7ACQAXwAuAFMAdABhAHQAdQBzAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3230 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4596762-a050-4783-ba74-e65b75122295
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAGUAdQB0AHIAbwBuAC0AaAB5AHAAZQByAHYALQBhAGcAZQBuAHQAIAB8ACAAJQB7ACQAXwAuAFMAdABhAHQAdQBzAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3229 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4596762-a050-4783-ba74-e65b75122295
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAGUAdQB0AHIAbwBuAC0AaAB5AHAAZQByAHYALQBhAGcAZQBuAHQAIAB8ACAAJQB7ACQAXwAuAFMAdABhAHQAdQBzAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3228 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4596762-a050-4783-ba74-e65b75122295
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAGUAdQB0AHIAbwBuAC0AaAB5AHAAZQByAHYALQBhAGcAZQBuAHQAIAB8ACAAJQB7ACQAXwAuAFMAdABhAHQAdQBzAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3227 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4596762-a050-4783-ba74-e65b75122295
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAGUAdQB0AHIAbwBuAC0AaAB5AHAAZQByAHYALQBhAGcAZQBuAHQAIAB8ACAAJQB7ACQAXwAuAFMAdABhAHQAdQBzAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3226 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4596762-a050-4783-ba74-e65b75122295
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAGUAdQB0AHIAbwBuAC0AaAB5AHAAZQByAHYALQBhAGcAZQBuAHQAIAB8ACAAJQB7ACQAXwAuAFMAdABhAHQAdQBzAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3225 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ffb78d90-df6e-46c6-b0ac-06f0025b4924
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=13ae9a92-e9ad-4c63-a900-4320c5ee7f3c
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 3224 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ffb78d90-df6e-46c6-b0ac-06f0025b4924
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=13ae9a92-e9ad-4c63-a900-4320c5ee7f3c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3223 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ffb78d90-df6e-46c6-b0ac-06f0025b4924
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3222 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ffb78d90-df6e-46c6-b0ac-06f0025b4924
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3221 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ffb78d90-df6e-46c6-b0ac-06f0025b4924
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3220 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ffb78d90-df6e-46c6-b0ac-06f0025b4924
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3219 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ffb78d90-df6e-46c6-b0ac-06f0025b4924
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3218 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ffb78d90-df6e-46c6-b0ac-06f0025b4924
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3217 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ffb78d90-df6e-46c6-b0ac-06f0025b4924
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3216 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ffb78d90-df6e-46c6-b0ac-06f0025b4924
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3215 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=43832b60-bb9a-43d0-8685-62f549e62c6d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=524df360-0815-4a40-9a29-c10086f62029
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3214 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=43832b60-bb9a-43d0-8685-62f549e62c6d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3213 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=43832b60-bb9a-43d0-8685-62f549e62c6d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3212 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=43832b60-bb9a-43d0-8685-62f549e62c6d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3211 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=43832b60-bb9a-43d0-8685-62f549e62c6d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3210 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=43832b60-bb9a-43d0-8685-62f549e62c6d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3209 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=43832b60-bb9a-43d0-8685-62f549e62c6d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3208 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=37
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b32c9bcf-c9d0-4b47-8285-30d5e587b884
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=5cb6c233-be8a-4917-8be2-1116ff43d9fe
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3207 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $platform_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=35
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a1b10545-265b-4be3-a3f5-c7e6eac81714
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b39a2dfa-861a-4792-b018-671c56b21bdb
PipelineId=8
ScriptName=
CommandLine= Add-Type -TypeDefinition $platform_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.InteropServices;
using System.Security.Principal;
using System.Text;
namespace Ansible.PrivilegeUtil
{
[Flags]
public enum PrivilegeAttributes : uint
{
Disabled = 0x00000000,
EnabledByDefault = 0x00000001,
Enabled = 0x00000002,
Removed = 0x00000004,
UsedForAccess = 0x80000000,
}
internal class NativeHelpers
{
[StructLayout(LayoutKind.Sequential)]
internal struct LUID
{
public UInt32 LowPart;
public Int32 HighPart;
}
[StructLayout(LayoutKind.Sequential)]
internal struct LUID_AND_ATTRIBUTES
{
public LUID Luid;
public PrivilegeAttributes Attributes;
}
[StructLayout(LayoutKind.Sequential)]
internal struct TOKEN_PRIVILEGES
{
public UInt32 PrivilegeCount;
[MarshalAs(UnmanagedType.ByValArray, SizeConst = 1)]
public LUID_AND_ATTRIBUTES[] Privileges;
}
}
internal class NativeMethods
{
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool AdjustTokenPrivileges(
IntPtr TokenHandle,
[MarshalAs(UnmanagedType.Bool)] bool DisableAllPrivileges,
IntPtr NewState,
UInt32 BufferLength,
IntPtr PreviousState,
out UInt32 ReturnLength);
[DllImport("kernel32.dll")]
internal static extern bool CloseHandle(
IntPtr hObject);
[DllImport("kernel32")]
internal static extern SafeWaitHandle GetCurrentProcess();
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool GetTokenInformation(
IntPtr TokenHandle,
UInt32 TokenInformationClass,
IntPtr TokenInformation,
UInt32 TokenInformationLength,
out UInt32 ReturnLength);
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
internal static extern bool LookupPrivilegeName(
string lpSystemName,
ref NativeHelpers.LUID lpLuid,
StringBuilder lpName,
ref UInt32 cchName);
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
internal static extern bool LookupPrivilegeValue(
string lpSystemName,
string lpName,
out NativeHelpers.LUID lpLuid);
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool OpenProcessToken(
SafeHandle ProcessHandle,
TokenAccessLevels DesiredAccess,
out IntPtr TokenHandle);
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class Privileges
{
private static readonly UInt32 TOKEN_PRIVILEGES = 3;
public static bool CheckPrivilegeName(string name)
{
NativeHelpers.LUID luid;
if (!NativeMethods.LookupPrivilegeValue(null, name, out luid))
{
int errCode = Marshal.GetLastWin32Error();
if (errCode != 1313) // ERROR_NO_SUCH_PRIVILEGE
throw new Win32Exception(errCode, String.Format("LookupPrivilegeValue({0}) failed", name));
return false;
}
else
{
return true;
}
}
public static Dictionary<string, bool?> DisablePrivilege(SafeHandle token, string privilege)
{
return SetTokenPrivileges(token, new Dictionary<string, bool?>() { { privilege, false } });
}
public static Dictionary<string, bool?> DisableAllPrivileges(SafeHandle token)
{
return AdjustTokenPrivileges(token, null);
}
public static Dictionary<string, bool?> EnablePrivilege(SafeHandle token, string privilege)
{
return SetTokenPrivileges(token, new Dictionary<string, bool?>() { { privilege, true } });
}
public static Dictionary<String, PrivilegeAttributes> GetAllPrivilegeInfo(SafeHandle token)
{
IntPtr hToken = IntPtr.Zero;
if (!NativeMethods.OpenProcessToken(token, TokenAccessLevels.Query, out hToken))
throw new Win32Exception("OpenProcessToken() failed");
Dictionary<String, PrivilegeAttributes> info = new Dictionary<String, PrivilegeAttributes>();
try
{
UInt32 tokenLength = 0;
NativeMethods.GetTokenInformation(hToken, TOKEN_PRIVILEGES, IntPtr.Zero, 0, out tokenLength);
NativeHelpers.LUID_AND_ATTRIBUTES[] privileges;
IntPtr privilegesPtr = Marshal.AllocHGlobal((int)tokenLength);
try
{
if (!NativeMethods.GetTokenInformation(hToken, TOKEN_PRIVILEGES, privilegesPtr, tokenLength, out tokenLength))
throw new Win32Exception("GetTokenInformation() for TOKEN_PRIVILEGES failed");
NativeHelpers.TOKEN_PRIVILEGES privilegeInfo = (NativeHelpers.TOKEN_PRIVILEGES)Marshal.PtrToStructure(privilegesPtr, typeof(NativeHelpers.TOKEN_PRIVILEGES));
privileges = new NativeHelpers.LUID_AND_ATTRIBUTES[privilegeInfo.PrivilegeCount];
PtrToStructureArray(privileges, IntPtr.Add(privilegesPtr, Marshal.SizeOf(privilegeInfo.PrivilegeCount)));
}
finally
{
Marshal.FreeHGlobal(privilegesPtr);
}
info = privileges.ToDictionary(p => GetPrivilegeName(p.Luid), p => p.Attributes);
}
finally
{
NativeMethods.CloseHandle(hToken);
}
return info;
}
public static SafeWaitHandle GetCurrentProcess()
{
return NativeMethods.GetCurrentProcess();
}
public static void RemovePrivilege(SafeHandle token, string privilege)
{
SetTokenPrivileges(token, new Dictionary<string, bool?>() { { privilege, null } });
}
public static Dictionary<string, bool?> SetTokenPrivileges(SafeHandle token, Dictionary<string, bool?> state)
{
NativeHelpers.LUID_AND_ATTRIBUTES[] privilegeAttr = new NativeHelpers.LUID_AND_ATTRIBUTES[state.Count];
int i = 0;
foreach (KeyValuePair<string, bool?> entry in state)
{
NativeHelpers.LUID luid;
if (!NativeMethods.LookupPrivilegeValue(null, entry.Key, out luid))
throw new Win32Exception(String.Format("LookupPrivilegeValue({0}) failed", entry.Key));
PrivilegeAttributes attributes;
switch (entry.Value)
{
case true:
attributes = PrivilegeAttributes.Enabled;
break;
case false:
attributes = PrivilegeAttributes.Disabled;
break;
default:
attributes = PrivilegeAttributes.Removed;
break;
}
privilegeAttr[i].Luid = luid;
privilegeAttr[i].Attributes = attributes;
i++;
}
return AdjustTokenPrivileges(token, privilegeAttr);
}
private static Dictionary<string, bool?> AdjustTokenPrivileges(SafeHandle token, NativeHelpers.LUID_AND_ATTRIBUTES[] newState)
{
bool disableAllPrivileges;
IntPtr newStatePtr;
NativeHelpers.LUID_AND_ATTRIBUTES[] oldStatePrivileges;
UInt32 returnLength;
if (newState == null)
{
disableAllPrivileges = true;
newStatePtr = IntPtr.Zero;
}
else
{
disableAllPrivileges = false;
// Need to manually marshal the bytes requires for newState as the constant size
// of LUID_AND_ATTRIBUTES is set to 1 and can't be overridden at runtime, TOKEN_PRIVILEGES
// always contains at least 1 entry so we need to calculate the extra size if there are
// nore than 1 LUID_AND_ATTRIBUTES entry
int tokenPrivilegesSize = Marshal.SizeOf(typeof(NativeHelpers.TOKEN_PRIVILEGES));
int luidAttrSize = 0;
if (newState.Length > 1)
luidAttrSize = Marshal.SizeOf(typeof(NativeHelpers.LUID_AND_ATTRIBUTES)) * (newState.Length - 1);
int totalSize = tokenPrivilegesSize + luidAttrSize;
byte[] newStateBytes = new byte[totalSize];
// get the first entry that includes the struct details
NativeHelpers.TOKEN_PRIVILEGES tokenPrivileges = new NativeHelpers.TOKEN_PRIVILEGES()
{
PrivilegeCount = (UInt32)newState.Length,
Privileges = new NativeHelpers.LUID_AND_ATTRIBUTES[1],
};
if (newState.Length > 0)
tokenPrivileges.Privileges[0] = newState[0];
int offset = StructureToBytes(tokenPrivileges, newStateBytes, 0);
// copy the remaining LUID_AND_ATTRIBUTES (if any)
for (int i = 1; i < newState.Length; i++)
offset += StructureToBytes(newState[i], newStateBytes, offset);
// finally create the pointer to the byte array we just created
newStatePtr = Marshal.AllocHGlobal(newStateBytes.Length);
Marshal.Copy(newStateBytes, 0, newStatePtr, newStateBytes.Length);
}
try
{
IntPtr hToken = IntPtr.Zero;
if (!NativeMethods.OpenProcessToken(token, TokenAccessLevels.Query | TokenAccessLevels.AdjustPrivileges, out hToken))
throw new Win32Exception("OpenProcessToken() failed with Query and AdjustPrivileges");
try
{
IntPtr oldStatePtr = Marshal.AllocHGlobal(0);
if (!NativeMethods.AdjustTokenPrivileges(hToken, disableAllPrivileges, newStatePtr, 0, oldStatePtr, out returnLength))
{
int errCode = Marshal.GetLastWin32Error();
if (errCode != 122) // ERROR_INSUFFICIENT_BUFFER
throw new Win32Exception(errCode, "AdjustTokenPrivileges() failed to get old state size");
}
// resize the oldStatePtr based on the length returned from Windows
Marshal.FreeHGlobal(oldStatePtr);
oldStatePtr = Marshal.AllocHGlobal((int)returnLength);
try
{
bool res = NativeMethods.AdjustTokenPrivileges(hToken, disableAllPrivileges, newStatePtr, returnLength, oldStatePtr, out returnLength);
int errCode = Marshal.GetLastWin32Error();
// even when res == true, ERROR_NOT_ALL_ASSIGNED may be set as the last error code
if (!res || errCode != 0)
throw new Win32Exception(errCode, "AdjustTokenPrivileges() failed");
// Marshal the oldStatePtr to the struct
NativeHelpers.TOKEN_PRIVILEGES oldState = (NativeHelpers.TOKEN_PRIVILEGES)Marshal.PtrToStructure(oldStatePtr, typeof(NativeHelpers.TOKEN_PRIVILEGES));
oldStatePrivileges = new NativeHelpers.LUID_AND_ATTRIBUTES[oldState.PrivilegeCount];
PtrToStructureArray(oldStatePrivileges, IntPtr.Add(oldStatePtr, Marshal.SizeOf(oldState.PrivilegeCount)));
}
finally
{
Marshal.FreeHGlobal(oldStatePtr);
}
}
finally
{
NativeMethods.CloseHandle(hToken);
}
}
finally
{
if (newStatePtr != IntPtr.Zero)
Marshal.FreeHGlobal(newStatePtr);
}
return oldStatePrivileges.ToDictionary(p => GetPrivilegeName(p.Luid), p => (bool?)p.Attributes.HasFlag(PrivilegeAttributes.Enabled));
}
private static string GetPrivilegeName(NativeHelpers.LUID luid)
{
UInt32 nameLen = 0;
NativeMethods.LookupPrivilegeName(null, ref luid, null, ref nameLen);
StringBuilder name = new StringBuilder((int)(nameLen + 1));
if (!NativeMethods.LookupPrivilegeName(null, ref luid, name, ref nameLen))
throw new Win32Exception("LookupPrivilegeName() failed");
return name.ToString();
}
private static void PtrToStructureArray<T>(T[] array, IntPtr ptr)
{
IntPtr ptrOffset = ptr;
for (int i = 0; i < array.Length; i++, ptrOffset = IntPtr.Add(ptrOffset, Marshal.SizeOf(typeof(T))))
array[i] = (T)Marshal.PtrToStructure(ptrOffset, typeof(T));
}
private static int StructureToBytes<T>(T structure, byte[] array, int offset)
{
int size = Marshal.SizeOf(structure);
IntPtr structPtr = Marshal.AllocHGlobal(size);
try
{
Marshal.StructureToPtr(structure, structPtr, false);
Marshal.Copy(structPtr, array, offset, size);
}
finally
{
Marshal.FreeHGlobal(structPtr);
}
return size;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 3206 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $link_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a1b10545-265b-4be3-a3f5-c7e6eac81714
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b39a2dfa-861a-4792-b018-671c56b21bdb
PipelineId=8
ScriptName=
CommandLine= Add-Type -TypeDefinition $link_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections.Generic;
using System.IO;
using System.Runtime.InteropServices;
using System.Text;
namespace Ansible
{
public enum LinkType
{
SymbolicLink,
JunctionPoint,
HardLink
}
public class LinkUtilWin32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public LinkUtilWin32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public LinkUtilWin32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator LinkUtilWin32Exception(string message) { return new LinkUtilWin32Exception(message); }
}
public class LinkInfo
{
public LinkType Type { get; internal set; }
public string PrintName { get; internal set; }
public string SubstituteName { get; internal set; }
public string AbsolutePath { get; internal set; }
public string TargetPath { get; internal set; }
public string[] HardTargets { get; internal set; }
}
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
public struct REPARSE_DATA_BUFFER
{
public UInt32 ReparseTag;
public UInt16 ReparseDataLength;
public UInt16 Reserved;
public UInt16 SubstituteNameOffset;
public UInt16 SubstituteNameLength;
public UInt16 PrintNameOffset;
public UInt16 PrintNameLength;
[MarshalAs(UnmanagedType.ByValArray, SizeConst = LinkUtil.MAXIMUM_REPARSE_DATA_BUFFER_SIZE)]
public char[] PathBuffer;
}
public class LinkUtil
{
public const int MAXIMUM_REPARSE_DATA_BUFFER_SIZE = 1024 * 16;
private const UInt32 FILE_FLAG_BACKUP_SEMANTICS = 0x02000000;
private const UInt32 FILE_FLAG_OPEN_REPARSE_POINT = 0x00200000;
private const UInt32 FSCTL_GET_REPARSE_POINT = 0x000900A8;
private const UInt32 FSCTL_SET_REPARSE_POINT = 0x000900A4;
private const UInt32 FILE_DEVICE_FILE_SYSTEM = 0x00090000;
private const UInt32 IO_REPARSE_TAG_MOUNT_POINT = 0xA0000003;
private const UInt32 IO_REPARSE_TAG_SYMLINK = 0xA000000C;
private const UInt32 SYMLINK_FLAG_RELATIVE = 0x00000001;
private const Int64 INVALID_HANDLE_VALUE = -1;
private const UInt32 SIZE_OF_WCHAR = 2;
private const UInt32 SYMBOLIC_LINK_FLAG_FILE = 0x00000000;
private const UInt32 SYMBOLIC_LINK_FLAG_DIRECTORY = 0x00000001;
[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
private static extern SafeFileHandle CreateFile(
string lpFileName,
[MarshalAs(UnmanagedType.U4)] FileAccess dwDesiredAccess,
[MarshalAs(UnmanagedType.U4)] FileShare dwShareMode,
IntPtr lpSecurityAttributes,
[MarshalAs(UnmanagedType.U4)] FileMode dwCreationDisposition,
UInt32 dwFlagsAndAttributes,
IntPtr hTemplateFile);
// Used by GetReparsePointInfo()
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool DeviceIoControl(
SafeFileHandle hDevice,
UInt32 dwIoControlCode,
IntPtr lpInBuffer,
UInt32 nInBufferSize,
out REPARSE_DATA_BUFFER lpOutBuffer,
UInt32 nOutBufferSize,
out UInt32 lpBytesReturned,
IntPtr lpOverlapped);
// Used by CreateJunctionPoint()
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool DeviceIoControl(
SafeFileHandle hDevice,
UInt32 dwIoControlCode,
REPARSE_DATA_BUFFER lpInBuffer,
UInt32 nInBufferSize,
IntPtr lpOutBuffer,
UInt32 nOutBufferSize,
out UInt32 lpBytesReturned,
IntPtr lpOverlapped);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool GetVolumePathName(
string lpszFileName,
StringBuilder lpszVolumePathName,
ref UInt32 cchBufferLength);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern IntPtr FindFirstFileNameW(
string lpFileName,
UInt32 dwFlags,
ref UInt32 StringLength,
StringBuilder LinkName);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool FindNextFileNameW(
IntPtr hFindStream,
ref UInt32 StringLength,
StringBuilder LinkName);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool FindClose(
IntPtr hFindFile);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool RemoveDirectory(
string lpPathName);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool DeleteFile(
string lpFileName);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool CreateSymbolicLink(
string lpSymlinkFileName,
string lpTargetFileName,
UInt32 dwFlags);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool CreateHardLink(
string lpFileName,
string lpExistingFileName,
IntPtr lpSecurityAttributes);
public static LinkInfo GetLinkInfo(string linkPath)
{
FileAttributes attr = File.GetAttributes(linkPath);
if (attr.HasFlag(FileAttributes.ReparsePoint))
return GetReparsePointInfo(linkPath);
if (!attr.HasFlag(FileAttributes.Directory))
return GetHardLinkInfo(linkPath);
return null;
}
public static void DeleteLink(string linkPath)
{
bool success;
FileAttributes attr = File.GetAttributes(linkPath);
if (attr.HasFlag(FileAttributes.Directory))
{
success = RemoveDirectory(linkPath);
}
else
{
success = DeleteFile(linkPath);
}
if (!success)
throw new LinkUtilWin32Exception(String.Format("Failed to delete link at {0}", linkPath));
}
public static void CreateLink(string linkPath, String linkTarget, LinkType linkType)
{
switch (linkType)
{
case LinkType.SymbolicLink:
UInt32 linkFlags;
FileAttributes attr = File.GetAttributes(linkTarget);
if (attr.HasFlag(FileAttributes.Directory))
linkFlags = SYMBOLIC_LINK_FLAG_DIRECTORY;
else
linkFlags = SYMBOLIC_LINK_FLAG_FILE;
if (!CreateSymbolicLink(linkPath, linkTarget, linkFlags))
throw new LinkUtilWin32Exception(String.Format("CreateSymbolicLink({0}, {1}, {2}) failed", linkPath, linkTarget, linkFlags));
break;
case LinkType.JunctionPoint:
CreateJunctionPoint(linkPath, linkTarget);
break;
case LinkType.HardLink:
if (!CreateHardLink(linkPath, linkTarget, IntPtr.Zero))
throw new LinkUtilWin32Exception(String.Format("CreateHardLink({0}, {1}) failed", linkPath, linkTarget));
break;
}
}
private static LinkInfo GetHardLinkInfo(string linkPath)
{
UInt32 maxPath = 260;
List<string> result = new List<string>();
StringBuilder sb = new StringBuilder((int)maxPath);
UInt32 stringLength = maxPath;
if (!GetVolumePathName(linkPath, sb, ref stringLength))
throw new LinkUtilWin32Exception("GetVolumePathName() failed");
string volume = sb.ToString();
stringLength = maxPath;
IntPtr findHandle = FindFirstFileNameW(linkPath, 0, ref stringLength, sb);
if (findHandle.ToInt64() != INVALID_HANDLE_VALUE)
{
try
{
do
{
string hardLinkPath = sb.ToString();
if (hardLinkPath.StartsWith("\\"))
hardLinkPath = hardLinkPath.Substring(1, hardLinkPath.Length - 1);
result.Add(Path.Combine(volume, hardLinkPath));
stringLength = maxPath;
} while (FindNextFileNameW(findHandle, ref stringLength, sb));
}
finally
{
FindClose(findHandle);
}
}
if (result.Count > 1)
return new LinkInfo
{
Type = LinkType.HardLink,
HardTargets = result.ToArray()
};
return null;
}
private static LinkInfo GetReparsePointInfo(string linkPath)
{
SafeFileHandle fileHandle = CreateFile(
linkPath,
FileAccess.Read,
FileShare.None,
IntPtr.Zero,
FileMode.Open,
FILE_FLAG_OPEN_REPARSE_POINT | FILE_FLAG_BACKUP_SEMANTICS,
IntPtr.Zero);
if (fileHandle.IsInvalid)
throw new LinkUtilWin32Exception(String.Format("CreateFile({0}) failed", linkPath));
REPARSE_DATA_BUFFER buffer = new REPARSE_DATA_BUFFER();
UInt32 bytesReturned;
try
{
if (!DeviceIoControl(
fileHandle,
FSCTL_GET_REPARSE_POINT,
IntPtr.Zero,
0,
out buffer,
MAXIMUM_REPARSE_DATA_BUFFER_SIZE,
out bytesReturned,
IntPtr.Zero))
throw new LinkUtilWin32Exception(String.Format("DeviceIoControl() failed for file at {0}", linkPath));
}
finally
{
fileHandle.Dispose();
}
bool isRelative = false;
int pathOffset = 0;
LinkType linkType;
if (buffer.ReparseTag == IO_REPARSE_TAG_SYMLINK)
{
UInt32 bufferFlags = Convert.ToUInt32(buffer.PathBuffer[0]) + Convert.ToUInt32(buffer.PathBuffer[1]);
if (bufferFlags == SYMLINK_FLAG_RELATIVE)
isRelative = true;
pathOffset = 2;
linkType = LinkType.SymbolicLink;
}
else if (buffer.ReparseTag == IO_REPARSE_TAG_MOUNT_POINT)
{
linkType = LinkType.JunctionPoint;
}
else
{
string errorMessage = String.Format("Invalid Reparse Tag: {0}", buffer.ReparseTag.ToString());
throw new Exception(errorMessage);
}
string printName = new string(buffer.PathBuffer, (int)(buffer.PrintNameOffset / SIZE_OF_WCHAR) + pathOffset, (int)(buffer.PrintNameLength / SIZE_OF_WCHAR));
string substituteName = new string(buffer.PathBuffer, (int)(buffer.SubstituteNameOffset / SIZE_OF_WCHAR) + pathOffset, (int)(buffer.SubstituteNameLength / SIZE_OF_WCHAR));
// TODO: should we check for \?\UNC\server for convert it to the NT style \\server path
// Remove the leading Windows object directory \?\ from the path if present
string targetPath = substituteName;
if (targetPath.StartsWith("\\??\\"))
targetPath = targetPath.Substring(4, targetPath.Length - 4);
string absolutePath = targetPath;
if (isRelative)
absolutePath = Path.GetFullPath(Path.Combine(new FileInfo(linkPath).Directory.FullName, targetPath));
return new LinkInfo
{
Type = linkType,
PrintName = printName,
SubstituteName = substituteName,
AbsolutePath = absolutePath,
TargetPath = targetPath
};
}
private static void CreateJunctionPoint(string linkPath, string linkTarget)
{
// We need to create the link as a dir beforehand
Directory.CreateDirectory(linkPath);
SafeFileHandle fileHandle = CreateFile(
linkPath,
FileAccess.Write,
FileShare.Read | FileShare.Write | FileShare.None,
IntPtr.Zero,
FileMode.Open,
FILE_FLAG_BACKUP_SEMANTICS | FILE_FLAG_OPEN_REPARSE_POINT,
IntPtr.Zero);
if (fileHandle.IsInvalid)
throw new LinkUtilWin32Exception(String.Format("CreateFile({0}) failed", linkPath));
try
{
string substituteName = "\\??\\" + Path.GetFullPath(linkTarget);
string printName = linkTarget;
REPARSE_DATA_BUFFER buffer = new REPARSE_DATA_BUFFER();
buffer.SubstituteNameOffset = 0;
buffer.SubstituteNameLength = (UInt16)(substituteName.Length * SIZE_OF_WCHAR);
buffer.PrintNameOffset = (UInt16)(buffer.SubstituteNameLength + 2);
buffer.PrintNameLength = (UInt16)(printName.Length * SIZE_OF_WCHAR);
buffer.ReparseTag = IO_REPARSE_TAG_MOUNT_POINT;
buffer.ReparseDataLength = (UInt16)(buffer.SubstituteNameLength + buffer.PrintNameLength + 12);
buffer.PathBuffer = new char[MAXIMUM_REPARSE_DATA_BUFFER_SIZE];
byte[] unicodeBytes = Encoding.Unicode.GetBytes(substituteName + "\0" + printName);
char[] pathBuffer = Encoding.Unicode.GetChars(unicodeBytes);
Array.Copy(pathBuffer, buffer.PathBuffer, pathBuffer.Length);
UInt32 bytesReturned;
if (!DeviceIoControl(
fileHandle,
FSCTL_SET_REPARSE_POINT,
buffer,
(UInt32)(buffer.ReparseDataLength + 8),
IntPtr.Zero, 0,
out bytesReturned,
IntPtr.Zero))
throw new LinkUtilWin32Exception(String.Format("DeviceIoControl() failed to create junction point at {0} to {1}", linkPath, linkTarget));
}
finally
{
fileHandle.Dispose();
}
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 3205 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a1b10545-265b-4be3-a3f5-c7e6eac81714
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b39a2dfa-861a-4792-b018-671c56b21bdb
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3204 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a1b10545-265b-4be3-a3f5-c7e6eac81714
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3203 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a1b10545-265b-4be3-a3f5-c7e6eac81714
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3202 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a1b10545-265b-4be3-a3f5-c7e6eac81714
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3201 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a1b10545-265b-4be3-a3f5-c7e6eac81714
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3200 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a1b10545-265b-4be3-a3f5-c7e6eac81714
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3199 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a1b10545-265b-4be3-a3f5-c7e6eac81714
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3198 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a1b10545-265b-4be3-a3f5-c7e6eac81714
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3197 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a1b10545-265b-4be3-a3f5-c7e6eac81714
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3196 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b32c9bcf-c9d0-4b47-8285-30d5e587b884
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=5cb6c233-be8a-4917-8be2-1116ff43d9fe
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3195 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b32c9bcf-c9d0-4b47-8285-30d5e587b884
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3194 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b32c9bcf-c9d0-4b47-8285-30d5e587b884
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3193 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b32c9bcf-c9d0-4b47-8285-30d5e587b884
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3192 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b32c9bcf-c9d0-4b47-8285-30d5e587b884
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3191 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b32c9bcf-c9d0-4b47-8285-30d5e587b884
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3190 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b32c9bcf-c9d0-4b47-8285-30d5e587b884
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3189 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d1ad7177-f874-44e5-bafe-ce833197a914
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=44c0466d-2d31-4058-a331-9ba1cd0cb753
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3188 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a814ea14-54cf-40f2-b793-40821a220cb5
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABjAGkAbgBkAGUAcgAtAGIAYQBjAGsAdQBwACAAfAAgACUAewAkAF8ALgBTAHQAYQB0AHUAcwB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=4f419816-4d42-4579-a73e-1521472a802e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3187 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a814ea14-54cf-40f2-b793-40821a220cb5
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABjAGkAbgBkAGUAcgAtAGIAYQBjAGsAdQBwACAAfAAgACUAewAkAF8ALgBTAHQAYQB0AHUAcwB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=4f419816-4d42-4579-a73e-1521472a802e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3186 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a814ea14-54cf-40f2-b793-40821a220cb5
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABjAGkAbgBkAGUAcgAtAGIAYQBjAGsAdQBwACAAfAAgACUAewAkAF8ALgBTAHQAYQB0AHUAcwB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3185 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a814ea14-54cf-40f2-b793-40821a220cb5
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABjAGkAbgBkAGUAcgAtAGIAYQBjAGsAdQBwACAAfAAgACUAewAkAF8ALgBTAHQAYQB0AHUAcwB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3184 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a814ea14-54cf-40f2-b793-40821a220cb5
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABjAGkAbgBkAGUAcgAtAGIAYQBjAGsAdQBwACAAfAAgACUAewAkAF8ALgBTAHQAYQB0AHUAcwB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3183 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a814ea14-54cf-40f2-b793-40821a220cb5
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABjAGkAbgBkAGUAcgAtAGIAYQBjAGsAdQBwACAAfAAgACUAewAkAF8ALgBTAHQAYQB0AHUAcwB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3182 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a814ea14-54cf-40f2-b793-40821a220cb5
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABjAGkAbgBkAGUAcgAtAGIAYQBjAGsAdQBwACAAfAAgACUAewAkAF8ALgBTAHQAYQB0AHUAcwB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3181 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a814ea14-54cf-40f2-b793-40821a220cb5
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABjAGkAbgBkAGUAcgAtAGIAYQBjAGsAdQBwACAAfAAgACUAewAkAF8ALgBTAHQAYQB0AHUAcwB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3180 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=33c5332e-3e3c-4a08-b528-aaf75d30af1f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0a7d5e7c-5dc3-4733-bd1e-c0b45b2b7bd5
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 3179 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=33c5332e-3e3c-4a08-b528-aaf75d30af1f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0a7d5e7c-5dc3-4733-bd1e-c0b45b2b7bd5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3178 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=33c5332e-3e3c-4a08-b528-aaf75d30af1f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3177 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=33c5332e-3e3c-4a08-b528-aaf75d30af1f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3176 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=33c5332e-3e3c-4a08-b528-aaf75d30af1f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3175 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=33c5332e-3e3c-4a08-b528-aaf75d30af1f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3174 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=33c5332e-3e3c-4a08-b528-aaf75d30af1f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3173 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=33c5332e-3e3c-4a08-b528-aaf75d30af1f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3172 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=33c5332e-3e3c-4a08-b528-aaf75d30af1f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3171 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=33c5332e-3e3c-4a08-b528-aaf75d30af1f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3170 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d1ad7177-f874-44e5-bafe-ce833197a914
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=44c0466d-2d31-4058-a331-9ba1cd0cb753
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3169 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d1ad7177-f874-44e5-bafe-ce833197a914
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3168 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d1ad7177-f874-44e5-bafe-ce833197a914
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3167 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d1ad7177-f874-44e5-bafe-ce833197a914
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3166 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d1ad7177-f874-44e5-bafe-ce833197a914
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3165 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d1ad7177-f874-44e5-bafe-ce833197a914
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3164 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d1ad7177-f874-44e5-bafe-ce833197a914
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3163 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=37
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3fbb2cd8-9d58-4e01-9556-798c00ede468
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ec533bf8-07be-4edd-a413-0595579ea241
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3162 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $platform_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=35
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5398326e-fe4d-45c2-a596-c92ed17dcebf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=dc1308cb-750d-439e-bcaf-7025e7caf34e
PipelineId=8
ScriptName=
CommandLine= Add-Type -TypeDefinition $platform_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.InteropServices;
using System.Security.Principal;
using System.Text;
namespace Ansible.PrivilegeUtil
{
[Flags]
public enum PrivilegeAttributes : uint
{
Disabled = 0x00000000,
EnabledByDefault = 0x00000001,
Enabled = 0x00000002,
Removed = 0x00000004,
UsedForAccess = 0x80000000,
}
internal class NativeHelpers
{
[StructLayout(LayoutKind.Sequential)]
internal struct LUID
{
public UInt32 LowPart;
public Int32 HighPart;
}
[StructLayout(LayoutKind.Sequential)]
internal struct LUID_AND_ATTRIBUTES
{
public LUID Luid;
public PrivilegeAttributes Attributes;
}
[StructLayout(LayoutKind.Sequential)]
internal struct TOKEN_PRIVILEGES
{
public UInt32 PrivilegeCount;
[MarshalAs(UnmanagedType.ByValArray, SizeConst = 1)]
public LUID_AND_ATTRIBUTES[] Privileges;
}
}
internal class NativeMethods
{
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool AdjustTokenPrivileges(
IntPtr TokenHandle,
[MarshalAs(UnmanagedType.Bool)] bool DisableAllPrivileges,
IntPtr NewState,
UInt32 BufferLength,
IntPtr PreviousState,
out UInt32 ReturnLength);
[DllImport("kernel32.dll")]
internal static extern bool CloseHandle(
IntPtr hObject);
[DllImport("kernel32")]
internal static extern SafeWaitHandle GetCurrentProcess();
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool GetTokenInformation(
IntPtr TokenHandle,
UInt32 TokenInformationClass,
IntPtr TokenInformation,
UInt32 TokenInformationLength,
out UInt32 ReturnLength);
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
internal static extern bool LookupPrivilegeName(
string lpSystemName,
ref NativeHelpers.LUID lpLuid,
StringBuilder lpName,
ref UInt32 cchName);
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
internal static extern bool LookupPrivilegeValue(
string lpSystemName,
string lpName,
out NativeHelpers.LUID lpLuid);
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool OpenProcessToken(
SafeHandle ProcessHandle,
TokenAccessLevels DesiredAccess,
out IntPtr TokenHandle);
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class Privileges
{
private static readonly UInt32 TOKEN_PRIVILEGES = 3;
public static bool CheckPrivilegeName(string name)
{
NativeHelpers.LUID luid;
if (!NativeMethods.LookupPrivilegeValue(null, name, out luid))
{
int errCode = Marshal.GetLastWin32Error();
if (errCode != 1313) // ERROR_NO_SUCH_PRIVILEGE
throw new Win32Exception(errCode, String.Format("LookupPrivilegeValue({0}) failed", name));
return false;
}
else
{
return true;
}
}
public static Dictionary<string, bool?> DisablePrivilege(SafeHandle token, string privilege)
{
return SetTokenPrivileges(token, new Dictionary<string, bool?>() { { privilege, false } });
}
public static Dictionary<string, bool?> DisableAllPrivileges(SafeHandle token)
{
return AdjustTokenPrivileges(token, null);
}
public static Dictionary<string, bool?> EnablePrivilege(SafeHandle token, string privilege)
{
return SetTokenPrivileges(token, new Dictionary<string, bool?>() { { privilege, true } });
}
public static Dictionary<String, PrivilegeAttributes> GetAllPrivilegeInfo(SafeHandle token)
{
IntPtr hToken = IntPtr.Zero;
if (!NativeMethods.OpenProcessToken(token, TokenAccessLevels.Query, out hToken))
throw new Win32Exception("OpenProcessToken() failed");
Dictionary<String, PrivilegeAttributes> info = new Dictionary<String, PrivilegeAttributes>();
try
{
UInt32 tokenLength = 0;
NativeMethods.GetTokenInformation(hToken, TOKEN_PRIVILEGES, IntPtr.Zero, 0, out tokenLength);
NativeHelpers.LUID_AND_ATTRIBUTES[] privileges;
IntPtr privilegesPtr = Marshal.AllocHGlobal((int)tokenLength);
try
{
if (!NativeMethods.GetTokenInformation(hToken, TOKEN_PRIVILEGES, privilegesPtr, tokenLength, out tokenLength))
throw new Win32Exception("GetTokenInformation() for TOKEN_PRIVILEGES failed");
NativeHelpers.TOKEN_PRIVILEGES privilegeInfo = (NativeHelpers.TOKEN_PRIVILEGES)Marshal.PtrToStructure(privilegesPtr, typeof(NativeHelpers.TOKEN_PRIVILEGES));
privileges = new NativeHelpers.LUID_AND_ATTRIBUTES[privilegeInfo.PrivilegeCount];
PtrToStructureArray(privileges, IntPtr.Add(privilegesPtr, Marshal.SizeOf(privilegeInfo.PrivilegeCount)));
}
finally
{
Marshal.FreeHGlobal(privilegesPtr);
}
info = privileges.ToDictionary(p => GetPrivilegeName(p.Luid), p => p.Attributes);
}
finally
{
NativeMethods.CloseHandle(hToken);
}
return info;
}
public static SafeWaitHandle GetCurrentProcess()
{
return NativeMethods.GetCurrentProcess();
}
public static void RemovePrivilege(SafeHandle token, string privilege)
{
SetTokenPrivileges(token, new Dictionary<string, bool?>() { { privilege, null } });
}
public static Dictionary<string, bool?> SetTokenPrivileges(SafeHandle token, Dictionary<string, bool?> state)
{
NativeHelpers.LUID_AND_ATTRIBUTES[] privilegeAttr = new NativeHelpers.LUID_AND_ATTRIBUTES[state.Count];
int i = 0;
foreach (KeyValuePair<string, bool?> entry in state)
{
NativeHelpers.LUID luid;
if (!NativeMethods.LookupPrivilegeValue(null, entry.Key, out luid))
throw new Win32Exception(String.Format("LookupPrivilegeValue({0}) failed", entry.Key));
PrivilegeAttributes attributes;
switch (entry.Value)
{
case true:
attributes = PrivilegeAttributes.Enabled;
break;
case false:
attributes = PrivilegeAttributes.Disabled;
break;
default:
attributes = PrivilegeAttributes.Removed;
break;
}
privilegeAttr[i].Luid = luid;
privilegeAttr[i].Attributes = attributes;
i++;
}
return AdjustTokenPrivileges(token, privilegeAttr);
}
private static Dictionary<string, bool?> AdjustTokenPrivileges(SafeHandle token, NativeHelpers.LUID_AND_ATTRIBUTES[] newState)
{
bool disableAllPrivileges;
IntPtr newStatePtr;
NativeHelpers.LUID_AND_ATTRIBUTES[] oldStatePrivileges;
UInt32 returnLength;
if (newState == null)
{
disableAllPrivileges = true;
newStatePtr = IntPtr.Zero;
}
else
{
disableAllPrivileges = false;
// Need to manually marshal the bytes requires for newState as the constant size
// of LUID_AND_ATTRIBUTES is set to 1 and can't be overridden at runtime, TOKEN_PRIVILEGES
// always contains at least 1 entry so we need to calculate the extra size if there are
// nore than 1 LUID_AND_ATTRIBUTES entry
int tokenPrivilegesSize = Marshal.SizeOf(typeof(NativeHelpers.TOKEN_PRIVILEGES));
int luidAttrSize = 0;
if (newState.Length > 1)
luidAttrSize = Marshal.SizeOf(typeof(NativeHelpers.LUID_AND_ATTRIBUTES)) * (newState.Length - 1);
int totalSize = tokenPrivilegesSize + luidAttrSize;
byte[] newStateBytes = new byte[totalSize];
// get the first entry that includes the struct details
NativeHelpers.TOKEN_PRIVILEGES tokenPrivileges = new NativeHelpers.TOKEN_PRIVILEGES()
{
PrivilegeCount = (UInt32)newState.Length,
Privileges = new NativeHelpers.LUID_AND_ATTRIBUTES[1],
};
if (newState.Length > 0)
tokenPrivileges.Privileges[0] = newState[0];
int offset = StructureToBytes(tokenPrivileges, newStateBytes, 0);
// copy the remaining LUID_AND_ATTRIBUTES (if any)
for (int i = 1; i < newState.Length; i++)
offset += StructureToBytes(newState[i], newStateBytes, offset);
// finally create the pointer to the byte array we just created
newStatePtr = Marshal.AllocHGlobal(newStateBytes.Length);
Marshal.Copy(newStateBytes, 0, newStatePtr, newStateBytes.Length);
}
try
{
IntPtr hToken = IntPtr.Zero;
if (!NativeMethods.OpenProcessToken(token, TokenAccessLevels.Query | TokenAccessLevels.AdjustPrivileges, out hToken))
throw new Win32Exception("OpenProcessToken() failed with Query and AdjustPrivileges");
try
{
IntPtr oldStatePtr = Marshal.AllocHGlobal(0);
if (!NativeMethods.AdjustTokenPrivileges(hToken, disableAllPrivileges, newStatePtr, 0, oldStatePtr, out returnLength))
{
int errCode = Marshal.GetLastWin32Error();
if (errCode != 122) // ERROR_INSUFFICIENT_BUFFER
throw new Win32Exception(errCode, "AdjustTokenPrivileges() failed to get old state size");
}
// resize the oldStatePtr based on the length returned from Windows
Marshal.FreeHGlobal(oldStatePtr);
oldStatePtr = Marshal.AllocHGlobal((int)returnLength);
try
{
bool res = NativeMethods.AdjustTokenPrivileges(hToken, disableAllPrivileges, newStatePtr, returnLength, oldStatePtr, out returnLength);
int errCode = Marshal.GetLastWin32Error();
// even when res == true, ERROR_NOT_ALL_ASSIGNED may be set as the last error code
if (!res || errCode != 0)
throw new Win32Exception(errCode, "AdjustTokenPrivileges() failed");
// Marshal the oldStatePtr to the struct
NativeHelpers.TOKEN_PRIVILEGES oldState = (NativeHelpers.TOKEN_PRIVILEGES)Marshal.PtrToStructure(oldStatePtr, typeof(NativeHelpers.TOKEN_PRIVILEGES));
oldStatePrivileges = new NativeHelpers.LUID_AND_ATTRIBUTES[oldState.PrivilegeCount];
PtrToStructureArray(oldStatePrivileges, IntPtr.Add(oldStatePtr, Marshal.SizeOf(oldState.PrivilegeCount)));
}
finally
{
Marshal.FreeHGlobal(oldStatePtr);
}
}
finally
{
NativeMethods.CloseHandle(hToken);
}
}
finally
{
if (newStatePtr != IntPtr.Zero)
Marshal.FreeHGlobal(newStatePtr);
}
return oldStatePrivileges.ToDictionary(p => GetPrivilegeName(p.Luid), p => (bool?)p.Attributes.HasFlag(PrivilegeAttributes.Enabled));
}
private static string GetPrivilegeName(NativeHelpers.LUID luid)
{
UInt32 nameLen = 0;
NativeMethods.LookupPrivilegeName(null, ref luid, null, ref nameLen);
StringBuilder name = new StringBuilder((int)(nameLen + 1));
if (!NativeMethods.LookupPrivilegeName(null, ref luid, name, ref nameLen))
throw new Win32Exception("LookupPrivilegeName() failed");
return name.ToString();
}
private static void PtrToStructureArray<T>(T[] array, IntPtr ptr)
{
IntPtr ptrOffset = ptr;
for (int i = 0; i < array.Length; i++, ptrOffset = IntPtr.Add(ptrOffset, Marshal.SizeOf(typeof(T))))
array[i] = (T)Marshal.PtrToStructure(ptrOffset, typeof(T));
}
private static int StructureToBytes<T>(T structure, byte[] array, int offset)
{
int size = Marshal.SizeOf(structure);
IntPtr structPtr = Marshal.AllocHGlobal(size);
try
{
Marshal.StructureToPtr(structure, structPtr, false);
Marshal.Copy(structPtr, array, offset, size);
}
finally
{
Marshal.FreeHGlobal(structPtr);
}
return size;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 3161 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $link_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5398326e-fe4d-45c2-a596-c92ed17dcebf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=dc1308cb-750d-439e-bcaf-7025e7caf34e
PipelineId=8
ScriptName=
CommandLine= Add-Type -TypeDefinition $link_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections.Generic;
using System.IO;
using System.Runtime.InteropServices;
using System.Text;
namespace Ansible
{
public enum LinkType
{
SymbolicLink,
JunctionPoint,
HardLink
}
public class LinkUtilWin32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public LinkUtilWin32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public LinkUtilWin32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator LinkUtilWin32Exception(string message) { return new LinkUtilWin32Exception(message); }
}
public class LinkInfo
{
public LinkType Type { get; internal set; }
public string PrintName { get; internal set; }
public string SubstituteName { get; internal set; }
public string AbsolutePath { get; internal set; }
public string TargetPath { get; internal set; }
public string[] HardTargets { get; internal set; }
}
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
public struct REPARSE_DATA_BUFFER
{
public UInt32 ReparseTag;
public UInt16 ReparseDataLength;
public UInt16 Reserved;
public UInt16 SubstituteNameOffset;
public UInt16 SubstituteNameLength;
public UInt16 PrintNameOffset;
public UInt16 PrintNameLength;
[MarshalAs(UnmanagedType.ByValArray, SizeConst = LinkUtil.MAXIMUM_REPARSE_DATA_BUFFER_SIZE)]
public char[] PathBuffer;
}
public class LinkUtil
{
public const int MAXIMUM_REPARSE_DATA_BUFFER_SIZE = 1024 * 16;
private const UInt32 FILE_FLAG_BACKUP_SEMANTICS = 0x02000000;
private const UInt32 FILE_FLAG_OPEN_REPARSE_POINT = 0x00200000;
private const UInt32 FSCTL_GET_REPARSE_POINT = 0x000900A8;
private const UInt32 FSCTL_SET_REPARSE_POINT = 0x000900A4;
private const UInt32 FILE_DEVICE_FILE_SYSTEM = 0x00090000;
private const UInt32 IO_REPARSE_TAG_MOUNT_POINT = 0xA0000003;
private const UInt32 IO_REPARSE_TAG_SYMLINK = 0xA000000C;
private const UInt32 SYMLINK_FLAG_RELATIVE = 0x00000001;
private const Int64 INVALID_HANDLE_VALUE = -1;
private const UInt32 SIZE_OF_WCHAR = 2;
private const UInt32 SYMBOLIC_LINK_FLAG_FILE = 0x00000000;
private const UInt32 SYMBOLIC_LINK_FLAG_DIRECTORY = 0x00000001;
[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
private static extern SafeFileHandle CreateFile(
string lpFileName,
[MarshalAs(UnmanagedType.U4)] FileAccess dwDesiredAccess,
[MarshalAs(UnmanagedType.U4)] FileShare dwShareMode,
IntPtr lpSecurityAttributes,
[MarshalAs(UnmanagedType.U4)] FileMode dwCreationDisposition,
UInt32 dwFlagsAndAttributes,
IntPtr hTemplateFile);
// Used by GetReparsePointInfo()
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool DeviceIoControl(
SafeFileHandle hDevice,
UInt32 dwIoControlCode,
IntPtr lpInBuffer,
UInt32 nInBufferSize,
out REPARSE_DATA_BUFFER lpOutBuffer,
UInt32 nOutBufferSize,
out UInt32 lpBytesReturned,
IntPtr lpOverlapped);
// Used by CreateJunctionPoint()
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool DeviceIoControl(
SafeFileHandle hDevice,
UInt32 dwIoControlCode,
REPARSE_DATA_BUFFER lpInBuffer,
UInt32 nInBufferSize,
IntPtr lpOutBuffer,
UInt32 nOutBufferSize,
out UInt32 lpBytesReturned,
IntPtr lpOverlapped);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool GetVolumePathName(
string lpszFileName,
StringBuilder lpszVolumePathName,
ref UInt32 cchBufferLength);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern IntPtr FindFirstFileNameW(
string lpFileName,
UInt32 dwFlags,
ref UInt32 StringLength,
StringBuilder LinkName);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool FindNextFileNameW(
IntPtr hFindStream,
ref UInt32 StringLength,
StringBuilder LinkName);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool FindClose(
IntPtr hFindFile);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool RemoveDirectory(
string lpPathName);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool DeleteFile(
string lpFileName);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool CreateSymbolicLink(
string lpSymlinkFileName,
string lpTargetFileName,
UInt32 dwFlags);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool CreateHardLink(
string lpFileName,
string lpExistingFileName,
IntPtr lpSecurityAttributes);
public static LinkInfo GetLinkInfo(string linkPath)
{
FileAttributes attr = File.GetAttributes(linkPath);
if (attr.HasFlag(FileAttributes.ReparsePoint))
return GetReparsePointInfo(linkPath);
if (!attr.HasFlag(FileAttributes.Directory))
return GetHardLinkInfo(linkPath);
return null;
}
public static void DeleteLink(string linkPath)
{
bool success;
FileAttributes attr = File.GetAttributes(linkPath);
if (attr.HasFlag(FileAttributes.Directory))
{
success = RemoveDirectory(linkPath);
}
else
{
success = DeleteFile(linkPath);
}
if (!success)
throw new LinkUtilWin32Exception(String.Format("Failed to delete link at {0}", linkPath));
}
public static void CreateLink(string linkPath, String linkTarget, LinkType linkType)
{
switch (linkType)
{
case LinkType.SymbolicLink:
UInt32 linkFlags;
FileAttributes attr = File.GetAttributes(linkTarget);
if (attr.HasFlag(FileAttributes.Directory))
linkFlags = SYMBOLIC_LINK_FLAG_DIRECTORY;
else
linkFlags = SYMBOLIC_LINK_FLAG_FILE;
if (!CreateSymbolicLink(linkPath, linkTarget, linkFlags))
throw new LinkUtilWin32Exception(String.Format("CreateSymbolicLink({0}, {1}, {2}) failed", linkPath, linkTarget, linkFlags));
break;
case LinkType.JunctionPoint:
CreateJunctionPoint(linkPath, linkTarget);
break;
case LinkType.HardLink:
if (!CreateHardLink(linkPath, linkTarget, IntPtr.Zero))
throw new LinkUtilWin32Exception(String.Format("CreateHardLink({0}, {1}) failed", linkPath, linkTarget));
break;
}
}
private static LinkInfo GetHardLinkInfo(string linkPath)
{
UInt32 maxPath = 260;
List<string> result = new List<string>();
StringBuilder sb = new StringBuilder((int)maxPath);
UInt32 stringLength = maxPath;
if (!GetVolumePathName(linkPath, sb, ref stringLength))
throw new LinkUtilWin32Exception("GetVolumePathName() failed");
string volume = sb.ToString();
stringLength = maxPath;
IntPtr findHandle = FindFirstFileNameW(linkPath, 0, ref stringLength, sb);
if (findHandle.ToInt64() != INVALID_HANDLE_VALUE)
{
try
{
do
{
string hardLinkPath = sb.ToString();
if (hardLinkPath.StartsWith("\\"))
hardLinkPath = hardLinkPath.Substring(1, hardLinkPath.Length - 1);
result.Add(Path.Combine(volume, hardLinkPath));
stringLength = maxPath;
} while (FindNextFileNameW(findHandle, ref stringLength, sb));
}
finally
{
FindClose(findHandle);
}
}
if (result.Count > 1)
return new LinkInfo
{
Type = LinkType.HardLink,
HardTargets = result.ToArray()
};
return null;
}
private static LinkInfo GetReparsePointInfo(string linkPath)
{
SafeFileHandle fileHandle = CreateFile(
linkPath,
FileAccess.Read,
FileShare.None,
IntPtr.Zero,
FileMode.Open,
FILE_FLAG_OPEN_REPARSE_POINT | FILE_FLAG_BACKUP_SEMANTICS,
IntPtr.Zero);
if (fileHandle.IsInvalid)
throw new LinkUtilWin32Exception(String.Format("CreateFile({0}) failed", linkPath));
REPARSE_DATA_BUFFER buffer = new REPARSE_DATA_BUFFER();
UInt32 bytesReturned;
try
{
if (!DeviceIoControl(
fileHandle,
FSCTL_GET_REPARSE_POINT,
IntPtr.Zero,
0,
out buffer,
MAXIMUM_REPARSE_DATA_BUFFER_SIZE,
out bytesReturned,
IntPtr.Zero))
throw new LinkUtilWin32Exception(String.Format("DeviceIoControl() failed for file at {0}", linkPath));
}
finally
{
fileHandle.Dispose();
}
bool isRelative = false;
int pathOffset = 0;
LinkType linkType;
if (buffer.ReparseTag == IO_REPARSE_TAG_SYMLINK)
{
UInt32 bufferFlags = Convert.ToUInt32(buffer.PathBuffer[0]) + Convert.ToUInt32(buffer.PathBuffer[1]);
if (bufferFlags == SYMLINK_FLAG_RELATIVE)
isRelative = true;
pathOffset = 2;
linkType = LinkType.SymbolicLink;
}
else if (buffer.ReparseTag == IO_REPARSE_TAG_MOUNT_POINT)
{
linkType = LinkType.JunctionPoint;
}
else
{
string errorMessage = String.Format("Invalid Reparse Tag: {0}", buffer.ReparseTag.ToString());
throw new Exception(errorMessage);
}
string printName = new string(buffer.PathBuffer, (int)(buffer.PrintNameOffset / SIZE_OF_WCHAR) + pathOffset, (int)(buffer.PrintNameLength / SIZE_OF_WCHAR));
string substituteName = new string(buffer.PathBuffer, (int)(buffer.SubstituteNameOffset / SIZE_OF_WCHAR) + pathOffset, (int)(buffer.SubstituteNameLength / SIZE_OF_WCHAR));
// TODO: should we check for \?\UNC\server for convert it to the NT style \\server path
// Remove the leading Windows object directory \?\ from the path if present
string targetPath = substituteName;
if (targetPath.StartsWith("\\??\\"))
targetPath = targetPath.Substring(4, targetPath.Length - 4);
string absolutePath = targetPath;
if (isRelative)
absolutePath = Path.GetFullPath(Path.Combine(new FileInfo(linkPath).Directory.FullName, targetPath));
return new LinkInfo
{
Type = linkType,
PrintName = printName,
SubstituteName = substituteName,
AbsolutePath = absolutePath,
TargetPath = targetPath
};
}
private static void CreateJunctionPoint(string linkPath, string linkTarget)
{
// We need to create the link as a dir beforehand
Directory.CreateDirectory(linkPath);
SafeFileHandle fileHandle = CreateFile(
linkPath,
FileAccess.Write,
FileShare.Read | FileShare.Write | FileShare.None,
IntPtr.Zero,
FileMode.Open,
FILE_FLAG_BACKUP_SEMANTICS | FILE_FLAG_OPEN_REPARSE_POINT,
IntPtr.Zero);
if (fileHandle.IsInvalid)
throw new LinkUtilWin32Exception(String.Format("CreateFile({0}) failed", linkPath));
try
{
string substituteName = "\\??\\" + Path.GetFullPath(linkTarget);
string printName = linkTarget;
REPARSE_DATA_BUFFER buffer = new REPARSE_DATA_BUFFER();
buffer.SubstituteNameOffset = 0;
buffer.SubstituteNameLength = (UInt16)(substituteName.Length * SIZE_OF_WCHAR);
buffer.PrintNameOffset = (UInt16)(buffer.SubstituteNameLength + 2);
buffer.PrintNameLength = (UInt16)(printName.Length * SIZE_OF_WCHAR);
buffer.ReparseTag = IO_REPARSE_TAG_MOUNT_POINT;
buffer.ReparseDataLength = (UInt16)(buffer.SubstituteNameLength + buffer.PrintNameLength + 12);
buffer.PathBuffer = new char[MAXIMUM_REPARSE_DATA_BUFFER_SIZE];
byte[] unicodeBytes = Encoding.Unicode.GetBytes(substituteName + "\0" + printName);
char[] pathBuffer = Encoding.Unicode.GetChars(unicodeBytes);
Array.Copy(pathBuffer, buffer.PathBuffer, pathBuffer.Length);
UInt32 bytesReturned;
if (!DeviceIoControl(
fileHandle,
FSCTL_SET_REPARSE_POINT,
buffer,
(UInt32)(buffer.ReparseDataLength + 8),
IntPtr.Zero, 0,
out bytesReturned,
IntPtr.Zero))
throw new LinkUtilWin32Exception(String.Format("DeviceIoControl() failed to create junction point at {0} to {1}", linkPath, linkTarget));
}
finally
{
fileHandle.Dispose();
}
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 3160 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5398326e-fe4d-45c2-a596-c92ed17dcebf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=dc1308cb-750d-439e-bcaf-7025e7caf34e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3159 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5398326e-fe4d-45c2-a596-c92ed17dcebf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3158 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5398326e-fe4d-45c2-a596-c92ed17dcebf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3157 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5398326e-fe4d-45c2-a596-c92ed17dcebf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3156 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5398326e-fe4d-45c2-a596-c92ed17dcebf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3155 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5398326e-fe4d-45c2-a596-c92ed17dcebf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3154 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5398326e-fe4d-45c2-a596-c92ed17dcebf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3153 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5398326e-fe4d-45c2-a596-c92ed17dcebf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3152 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5398326e-fe4d-45c2-a596-c92ed17dcebf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3151 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3fbb2cd8-9d58-4e01-9556-798c00ede468
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ec533bf8-07be-4edd-a413-0595579ea241
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3150 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3fbb2cd8-9d58-4e01-9556-798c00ede468
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3149 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3fbb2cd8-9d58-4e01-9556-798c00ede468
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3148 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3fbb2cd8-9d58-4e01-9556-798c00ede468
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3147 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3fbb2cd8-9d58-4e01-9556-798c00ede468
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3146 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3fbb2cd8-9d58-4e01-9556-798c00ede468
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3145 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3fbb2cd8-9d58-4e01-9556-798c00ede468
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3144 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=159be5ce-6003-40c4-b03b-8741212308a3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=1f3f16f1-62d2-4306-ac15-ca178d7c6ee6
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3143 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0ab65f42-2a31-4f4f-ad53-e0dbae6f8541
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABjAGkAbgBkAGUAcgAtAHYAbwBsAHUAbQBlACAAfAAgACUAewAkAF8ALgBTAHQAYQB0AHUAcwB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=90d2e8df-d4df-4670-8b98-f36202541a95
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3142 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0ab65f42-2a31-4f4f-ad53-e0dbae6f8541
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABjAGkAbgBkAGUAcgAtAHYAbwBsAHUAbQBlACAAfAAgACUAewAkAF8ALgBTAHQAYQB0AHUAcwB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=90d2e8df-d4df-4670-8b98-f36202541a95
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3141 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0ab65f42-2a31-4f4f-ad53-e0dbae6f8541
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABjAGkAbgBkAGUAcgAtAHYAbwBsAHUAbQBlACAAfAAgACUAewAkAF8ALgBTAHQAYQB0AHUAcwB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3140 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0ab65f42-2a31-4f4f-ad53-e0dbae6f8541
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABjAGkAbgBkAGUAcgAtAHYAbwBsAHUAbQBlACAAfAAgACUAewAkAF8ALgBTAHQAYQB0AHUAcwB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3139 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0ab65f42-2a31-4f4f-ad53-e0dbae6f8541
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABjAGkAbgBkAGUAcgAtAHYAbwBsAHUAbQBlACAAfAAgACUAewAkAF8ALgBTAHQAYQB0AHUAcwB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3138 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0ab65f42-2a31-4f4f-ad53-e0dbae6f8541
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABjAGkAbgBkAGUAcgAtAHYAbwBsAHUAbQBlACAAfAAgACUAewAkAF8ALgBTAHQAYQB0AHUAcwB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3137 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0ab65f42-2a31-4f4f-ad53-e0dbae6f8541
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABjAGkAbgBkAGUAcgAtAHYAbwBsAHUAbQBlACAAfAAgACUAewAkAF8ALgBTAHQAYQB0AHUAcwB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3136 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0ab65f42-2a31-4f4f-ad53-e0dbae6f8541
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABjAGkAbgBkAGUAcgAtAHYAbwBsAHUAbQBlACAAfAAgACUAewAkAF8ALgBTAHQAYQB0AHUAcwB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3135 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a5b43acc-9940-4d48-8dc5-493553a648b4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=05857e85-d36b-465c-b73c-67965603a65c
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 3134 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a5b43acc-9940-4d48-8dc5-493553a648b4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=05857e85-d36b-465c-b73c-67965603a65c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3133 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a5b43acc-9940-4d48-8dc5-493553a648b4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3132 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a5b43acc-9940-4d48-8dc5-493553a648b4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3131 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a5b43acc-9940-4d48-8dc5-493553a648b4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3130 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a5b43acc-9940-4d48-8dc5-493553a648b4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3129 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a5b43acc-9940-4d48-8dc5-493553a648b4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3128 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a5b43acc-9940-4d48-8dc5-493553a648b4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3127 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a5b43acc-9940-4d48-8dc5-493553a648b4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3126 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a5b43acc-9940-4d48-8dc5-493553a648b4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3125 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=159be5ce-6003-40c4-b03b-8741212308a3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=1f3f16f1-62d2-4306-ac15-ca178d7c6ee6
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3124 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=159be5ce-6003-40c4-b03b-8741212308a3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3123 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=159be5ce-6003-40c4-b03b-8741212308a3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3122 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=159be5ce-6003-40c4-b03b-8741212308a3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3121 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=159be5ce-6003-40c4-b03b-8741212308a3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3120 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=159be5ce-6003-40c4-b03b-8741212308a3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3119 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=159be5ce-6003-40c4-b03b-8741212308a3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3118 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=37
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09ff1bd9-41ed-4e8f-b0e6-621cd0021e0b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0f38a954-fb12-4e25-b329-cb132464487f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3117 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $platform_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=35
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e91b6a5d-b694-4baa-b391-24c0729485b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=1c836480-24d1-4074-9b68-cc8ba9c40bab
PipelineId=8
ScriptName=
CommandLine= Add-Type -TypeDefinition $platform_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.InteropServices;
using System.Security.Principal;
using System.Text;
namespace Ansible.PrivilegeUtil
{
[Flags]
public enum PrivilegeAttributes : uint
{
Disabled = 0x00000000,
EnabledByDefault = 0x00000001,
Enabled = 0x00000002,
Removed = 0x00000004,
UsedForAccess = 0x80000000,
}
internal class NativeHelpers
{
[StructLayout(LayoutKind.Sequential)]
internal struct LUID
{
public UInt32 LowPart;
public Int32 HighPart;
}
[StructLayout(LayoutKind.Sequential)]
internal struct LUID_AND_ATTRIBUTES
{
public LUID Luid;
public PrivilegeAttributes Attributes;
}
[StructLayout(LayoutKind.Sequential)]
internal struct TOKEN_PRIVILEGES
{
public UInt32 PrivilegeCount;
[MarshalAs(UnmanagedType.ByValArray, SizeConst = 1)]
public LUID_AND_ATTRIBUTES[] Privileges;
}
}
internal class NativeMethods
{
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool AdjustTokenPrivileges(
IntPtr TokenHandle,
[MarshalAs(UnmanagedType.Bool)] bool DisableAllPrivileges,
IntPtr NewState,
UInt32 BufferLength,
IntPtr PreviousState,
out UInt32 ReturnLength);
[DllImport("kernel32.dll")]
internal static extern bool CloseHandle(
IntPtr hObject);
[DllImport("kernel32")]
internal static extern SafeWaitHandle GetCurrentProcess();
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool GetTokenInformation(
IntPtr TokenHandle,
UInt32 TokenInformationClass,
IntPtr TokenInformation,
UInt32 TokenInformationLength,
out UInt32 ReturnLength);
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
internal static extern bool LookupPrivilegeName(
string lpSystemName,
ref NativeHelpers.LUID lpLuid,
StringBuilder lpName,
ref UInt32 cchName);
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
internal static extern bool LookupPrivilegeValue(
string lpSystemName,
string lpName,
out NativeHelpers.LUID lpLuid);
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool OpenProcessToken(
SafeHandle ProcessHandle,
TokenAccessLevels DesiredAccess,
out IntPtr TokenHandle);
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class Privileges
{
private static readonly UInt32 TOKEN_PRIVILEGES = 3;
public static bool CheckPrivilegeName(string name)
{
NativeHelpers.LUID luid;
if (!NativeMethods.LookupPrivilegeValue(null, name, out luid))
{
int errCode = Marshal.GetLastWin32Error();
if (errCode != 1313) // ERROR_NO_SUCH_PRIVILEGE
throw new Win32Exception(errCode, String.Format("LookupPrivilegeValue({0}) failed", name));
return false;
}
else
{
return true;
}
}
public static Dictionary<string, bool?> DisablePrivilege(SafeHandle token, string privilege)
{
return SetTokenPrivileges(token, new Dictionary<string, bool?>() { { privilege, false } });
}
public static Dictionary<string, bool?> DisableAllPrivileges(SafeHandle token)
{
return AdjustTokenPrivileges(token, null);
}
public static Dictionary<string, bool?> EnablePrivilege(SafeHandle token, string privilege)
{
return SetTokenPrivileges(token, new Dictionary<string, bool?>() { { privilege, true } });
}
public static Dictionary<String, PrivilegeAttributes> GetAllPrivilegeInfo(SafeHandle token)
{
IntPtr hToken = IntPtr.Zero;
if (!NativeMethods.OpenProcessToken(token, TokenAccessLevels.Query, out hToken))
throw new Win32Exception("OpenProcessToken() failed");
Dictionary<String, PrivilegeAttributes> info = new Dictionary<String, PrivilegeAttributes>();
try
{
UInt32 tokenLength = 0;
NativeMethods.GetTokenInformation(hToken, TOKEN_PRIVILEGES, IntPtr.Zero, 0, out tokenLength);
NativeHelpers.LUID_AND_ATTRIBUTES[] privileges;
IntPtr privilegesPtr = Marshal.AllocHGlobal((int)tokenLength);
try
{
if (!NativeMethods.GetTokenInformation(hToken, TOKEN_PRIVILEGES, privilegesPtr, tokenLength, out tokenLength))
throw new Win32Exception("GetTokenInformation() for TOKEN_PRIVILEGES failed");
NativeHelpers.TOKEN_PRIVILEGES privilegeInfo = (NativeHelpers.TOKEN_PRIVILEGES)Marshal.PtrToStructure(privilegesPtr, typeof(NativeHelpers.TOKEN_PRIVILEGES));
privileges = new NativeHelpers.LUID_AND_ATTRIBUTES[privilegeInfo.PrivilegeCount];
PtrToStructureArray(privileges, IntPtr.Add(privilegesPtr, Marshal.SizeOf(privilegeInfo.PrivilegeCount)));
}
finally
{
Marshal.FreeHGlobal(privilegesPtr);
}
info = privileges.ToDictionary(p => GetPrivilegeName(p.Luid), p => p.Attributes);
}
finally
{
NativeMethods.CloseHandle(hToken);
}
return info;
}
public static SafeWaitHandle GetCurrentProcess()
{
return NativeMethods.GetCurrentProcess();
}
public static void RemovePrivilege(SafeHandle token, string privilege)
{
SetTokenPrivileges(token, new Dictionary<string, bool?>() { { privilege, null } });
}
public static Dictionary<string, bool?> SetTokenPrivileges(SafeHandle token, Dictionary<string, bool?> state)
{
NativeHelpers.LUID_AND_ATTRIBUTES[] privilegeAttr = new NativeHelpers.LUID_AND_ATTRIBUTES[state.Count];
int i = 0;
foreach (KeyValuePair<string, bool?> entry in state)
{
NativeHelpers.LUID luid;
if (!NativeMethods.LookupPrivilegeValue(null, entry.Key, out luid))
throw new Win32Exception(String.Format("LookupPrivilegeValue({0}) failed", entry.Key));
PrivilegeAttributes attributes;
switch (entry.Value)
{
case true:
attributes = PrivilegeAttributes.Enabled;
break;
case false:
attributes = PrivilegeAttributes.Disabled;
break;
default:
attributes = PrivilegeAttributes.Removed;
break;
}
privilegeAttr[i].Luid = luid;
privilegeAttr[i].Attributes = attributes;
i++;
}
return AdjustTokenPrivileges(token, privilegeAttr);
}
private static Dictionary<string, bool?> AdjustTokenPrivileges(SafeHandle token, NativeHelpers.LUID_AND_ATTRIBUTES[] newState)
{
bool disableAllPrivileges;
IntPtr newStatePtr;
NativeHelpers.LUID_AND_ATTRIBUTES[] oldStatePrivileges;
UInt32 returnLength;
if (newState == null)
{
disableAllPrivileges = true;
newStatePtr = IntPtr.Zero;
}
else
{
disableAllPrivileges = false;
// Need to manually marshal the bytes requires for newState as the constant size
// of LUID_AND_ATTRIBUTES is set to 1 and can't be overridden at runtime, TOKEN_PRIVILEGES
// always contains at least 1 entry so we need to calculate the extra size if there are
// nore than 1 LUID_AND_ATTRIBUTES entry
int tokenPrivilegesSize = Marshal.SizeOf(typeof(NativeHelpers.TOKEN_PRIVILEGES));
int luidAttrSize = 0;
if (newState.Length > 1)
luidAttrSize = Marshal.SizeOf(typeof(NativeHelpers.LUID_AND_ATTRIBUTES)) * (newState.Length - 1);
int totalSize = tokenPrivilegesSize + luidAttrSize;
byte[] newStateBytes = new byte[totalSize];
// get the first entry that includes the struct details
NativeHelpers.TOKEN_PRIVILEGES tokenPrivileges = new NativeHelpers.TOKEN_PRIVILEGES()
{
PrivilegeCount = (UInt32)newState.Length,
Privileges = new NativeHelpers.LUID_AND_ATTRIBUTES[1],
};
if (newState.Length > 0)
tokenPrivileges.Privileges[0] = newState[0];
int offset = StructureToBytes(tokenPrivileges, newStateBytes, 0);
// copy the remaining LUID_AND_ATTRIBUTES (if any)
for (int i = 1; i < newState.Length; i++)
offset += StructureToBytes(newState[i], newStateBytes, offset);
// finally create the pointer to the byte array we just created
newStatePtr = Marshal.AllocHGlobal(newStateBytes.Length);
Marshal.Copy(newStateBytes, 0, newStatePtr, newStateBytes.Length);
}
try
{
IntPtr hToken = IntPtr.Zero;
if (!NativeMethods.OpenProcessToken(token, TokenAccessLevels.Query | TokenAccessLevels.AdjustPrivileges, out hToken))
throw new Win32Exception("OpenProcessToken() failed with Query and AdjustPrivileges");
try
{
IntPtr oldStatePtr = Marshal.AllocHGlobal(0);
if (!NativeMethods.AdjustTokenPrivileges(hToken, disableAllPrivileges, newStatePtr, 0, oldStatePtr, out returnLength))
{
int errCode = Marshal.GetLastWin32Error();
if (errCode != 122) // ERROR_INSUFFICIENT_BUFFER
throw new Win32Exception(errCode, "AdjustTokenPrivileges() failed to get old state size");
}
// resize the oldStatePtr based on the length returned from Windows
Marshal.FreeHGlobal(oldStatePtr);
oldStatePtr = Marshal.AllocHGlobal((int)returnLength);
try
{
bool res = NativeMethods.AdjustTokenPrivileges(hToken, disableAllPrivileges, newStatePtr, returnLength, oldStatePtr, out returnLength);
int errCode = Marshal.GetLastWin32Error();
// even when res == true, ERROR_NOT_ALL_ASSIGNED may be set as the last error code
if (!res || errCode != 0)
throw new Win32Exception(errCode, "AdjustTokenPrivileges() failed");
// Marshal the oldStatePtr to the struct
NativeHelpers.TOKEN_PRIVILEGES oldState = (NativeHelpers.TOKEN_PRIVILEGES)Marshal.PtrToStructure(oldStatePtr, typeof(NativeHelpers.TOKEN_PRIVILEGES));
oldStatePrivileges = new NativeHelpers.LUID_AND_ATTRIBUTES[oldState.PrivilegeCount];
PtrToStructureArray(oldStatePrivileges, IntPtr.Add(oldStatePtr, Marshal.SizeOf(oldState.PrivilegeCount)));
}
finally
{
Marshal.FreeHGlobal(oldStatePtr);
}
}
finally
{
NativeMethods.CloseHandle(hToken);
}
}
finally
{
if (newStatePtr != IntPtr.Zero)
Marshal.FreeHGlobal(newStatePtr);
}
return oldStatePrivileges.ToDictionary(p => GetPrivilegeName(p.Luid), p => (bool?)p.Attributes.HasFlag(PrivilegeAttributes.Enabled));
}
private static string GetPrivilegeName(NativeHelpers.LUID luid)
{
UInt32 nameLen = 0;
NativeMethods.LookupPrivilegeName(null, ref luid, null, ref nameLen);
StringBuilder name = new StringBuilder((int)(nameLen + 1));
if (!NativeMethods.LookupPrivilegeName(null, ref luid, name, ref nameLen))
throw new Win32Exception("LookupPrivilegeName() failed");
return name.ToString();
}
private static void PtrToStructureArray<T>(T[] array, IntPtr ptr)
{
IntPtr ptrOffset = ptr;
for (int i = 0; i < array.Length; i++, ptrOffset = IntPtr.Add(ptrOffset, Marshal.SizeOf(typeof(T))))
array[i] = (T)Marshal.PtrToStructure(ptrOffset, typeof(T));
}
private static int StructureToBytes<T>(T structure, byte[] array, int offset)
{
int size = Marshal.SizeOf(structure);
IntPtr structPtr = Marshal.AllocHGlobal(size);
try
{
Marshal.StructureToPtr(structure, structPtr, false);
Marshal.Copy(structPtr, array, offset, size);
}
finally
{
Marshal.FreeHGlobal(structPtr);
}
return size;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 3116 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $link_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e91b6a5d-b694-4baa-b391-24c0729485b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=1c836480-24d1-4074-9b68-cc8ba9c40bab
PipelineId=8
ScriptName=
CommandLine= Add-Type -TypeDefinition $link_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections.Generic;
using System.IO;
using System.Runtime.InteropServices;
using System.Text;
namespace Ansible
{
public enum LinkType
{
SymbolicLink,
JunctionPoint,
HardLink
}
public class LinkUtilWin32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public LinkUtilWin32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public LinkUtilWin32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator LinkUtilWin32Exception(string message) { return new LinkUtilWin32Exception(message); }
}
public class LinkInfo
{
public LinkType Type { get; internal set; }
public string PrintName { get; internal set; }
public string SubstituteName { get; internal set; }
public string AbsolutePath { get; internal set; }
public string TargetPath { get; internal set; }
public string[] HardTargets { get; internal set; }
}
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
public struct REPARSE_DATA_BUFFER
{
public UInt32 ReparseTag;
public UInt16 ReparseDataLength;
public UInt16 Reserved;
public UInt16 SubstituteNameOffset;
public UInt16 SubstituteNameLength;
public UInt16 PrintNameOffset;
public UInt16 PrintNameLength;
[MarshalAs(UnmanagedType.ByValArray, SizeConst = LinkUtil.MAXIMUM_REPARSE_DATA_BUFFER_SIZE)]
public char[] PathBuffer;
}
public class LinkUtil
{
public const int MAXIMUM_REPARSE_DATA_BUFFER_SIZE = 1024 * 16;
private const UInt32 FILE_FLAG_BACKUP_SEMANTICS = 0x02000000;
private const UInt32 FILE_FLAG_OPEN_REPARSE_POINT = 0x00200000;
private const UInt32 FSCTL_GET_REPARSE_POINT = 0x000900A8;
private const UInt32 FSCTL_SET_REPARSE_POINT = 0x000900A4;
private const UInt32 FILE_DEVICE_FILE_SYSTEM = 0x00090000;
private const UInt32 IO_REPARSE_TAG_MOUNT_POINT = 0xA0000003;
private const UInt32 IO_REPARSE_TAG_SYMLINK = 0xA000000C;
private const UInt32 SYMLINK_FLAG_RELATIVE = 0x00000001;
private const Int64 INVALID_HANDLE_VALUE = -1;
private const UInt32 SIZE_OF_WCHAR = 2;
private const UInt32 SYMBOLIC_LINK_FLAG_FILE = 0x00000000;
private const UInt32 SYMBOLIC_LINK_FLAG_DIRECTORY = 0x00000001;
[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
private static extern SafeFileHandle CreateFile(
string lpFileName,
[MarshalAs(UnmanagedType.U4)] FileAccess dwDesiredAccess,
[MarshalAs(UnmanagedType.U4)] FileShare dwShareMode,
IntPtr lpSecurityAttributes,
[MarshalAs(UnmanagedType.U4)] FileMode dwCreationDisposition,
UInt32 dwFlagsAndAttributes,
IntPtr hTemplateFile);
// Used by GetReparsePointInfo()
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool DeviceIoControl(
SafeFileHandle hDevice,
UInt32 dwIoControlCode,
IntPtr lpInBuffer,
UInt32 nInBufferSize,
out REPARSE_DATA_BUFFER lpOutBuffer,
UInt32 nOutBufferSize,
out UInt32 lpBytesReturned,
IntPtr lpOverlapped);
// Used by CreateJunctionPoint()
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool DeviceIoControl(
SafeFileHandle hDevice,
UInt32 dwIoControlCode,
REPARSE_DATA_BUFFER lpInBuffer,
UInt32 nInBufferSize,
IntPtr lpOutBuffer,
UInt32 nOutBufferSize,
out UInt32 lpBytesReturned,
IntPtr lpOverlapped);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool GetVolumePathName(
string lpszFileName,
StringBuilder lpszVolumePathName,
ref UInt32 cchBufferLength);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern IntPtr FindFirstFileNameW(
string lpFileName,
UInt32 dwFlags,
ref UInt32 StringLength,
StringBuilder LinkName);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool FindNextFileNameW(
IntPtr hFindStream,
ref UInt32 StringLength,
StringBuilder LinkName);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool FindClose(
IntPtr hFindFile);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool RemoveDirectory(
string lpPathName);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool DeleteFile(
string lpFileName);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool CreateSymbolicLink(
string lpSymlinkFileName,
string lpTargetFileName,
UInt32 dwFlags);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool CreateHardLink(
string lpFileName,
string lpExistingFileName,
IntPtr lpSecurityAttributes);
public static LinkInfo GetLinkInfo(string linkPath)
{
FileAttributes attr = File.GetAttributes(linkPath);
if (attr.HasFlag(FileAttributes.ReparsePoint))
return GetReparsePointInfo(linkPath);
if (!attr.HasFlag(FileAttributes.Directory))
return GetHardLinkInfo(linkPath);
return null;
}
public static void DeleteLink(string linkPath)
{
bool success;
FileAttributes attr = File.GetAttributes(linkPath);
if (attr.HasFlag(FileAttributes.Directory))
{
success = RemoveDirectory(linkPath);
}
else
{
success = DeleteFile(linkPath);
}
if (!success)
throw new LinkUtilWin32Exception(String.Format("Failed to delete link at {0}", linkPath));
}
public static void CreateLink(string linkPath, String linkTarget, LinkType linkType)
{
switch (linkType)
{
case LinkType.SymbolicLink:
UInt32 linkFlags;
FileAttributes attr = File.GetAttributes(linkTarget);
if (attr.HasFlag(FileAttributes.Directory))
linkFlags = SYMBOLIC_LINK_FLAG_DIRECTORY;
else
linkFlags = SYMBOLIC_LINK_FLAG_FILE;
if (!CreateSymbolicLink(linkPath, linkTarget, linkFlags))
throw new LinkUtilWin32Exception(String.Format("CreateSymbolicLink({0}, {1}, {2}) failed", linkPath, linkTarget, linkFlags));
break;
case LinkType.JunctionPoint:
CreateJunctionPoint(linkPath, linkTarget);
break;
case LinkType.HardLink:
if (!CreateHardLink(linkPath, linkTarget, IntPtr.Zero))
throw new LinkUtilWin32Exception(String.Format("CreateHardLink({0}, {1}) failed", linkPath, linkTarget));
break;
}
}
private static LinkInfo GetHardLinkInfo(string linkPath)
{
UInt32 maxPath = 260;
List<string> result = new List<string>();
StringBuilder sb = new StringBuilder((int)maxPath);
UInt32 stringLength = maxPath;
if (!GetVolumePathName(linkPath, sb, ref stringLength))
throw new LinkUtilWin32Exception("GetVolumePathName() failed");
string volume = sb.ToString();
stringLength = maxPath;
IntPtr findHandle = FindFirstFileNameW(linkPath, 0, ref stringLength, sb);
if (findHandle.ToInt64() != INVALID_HANDLE_VALUE)
{
try
{
do
{
string hardLinkPath = sb.ToString();
if (hardLinkPath.StartsWith("\\"))
hardLinkPath = hardLinkPath.Substring(1, hardLinkPath.Length - 1);
result.Add(Path.Combine(volume, hardLinkPath));
stringLength = maxPath;
} while (FindNextFileNameW(findHandle, ref stringLength, sb));
}
finally
{
FindClose(findHandle);
}
}
if (result.Count > 1)
return new LinkInfo
{
Type = LinkType.HardLink,
HardTargets = result.ToArray()
};
return null;
}
private static LinkInfo GetReparsePointInfo(string linkPath)
{
SafeFileHandle fileHandle = CreateFile(
linkPath,
FileAccess.Read,
FileShare.None,
IntPtr.Zero,
FileMode.Open,
FILE_FLAG_OPEN_REPARSE_POINT | FILE_FLAG_BACKUP_SEMANTICS,
IntPtr.Zero);
if (fileHandle.IsInvalid)
throw new LinkUtilWin32Exception(String.Format("CreateFile({0}) failed", linkPath));
REPARSE_DATA_BUFFER buffer = new REPARSE_DATA_BUFFER();
UInt32 bytesReturned;
try
{
if (!DeviceIoControl(
fileHandle,
FSCTL_GET_REPARSE_POINT,
IntPtr.Zero,
0,
out buffer,
MAXIMUM_REPARSE_DATA_BUFFER_SIZE,
out bytesReturned,
IntPtr.Zero))
throw new LinkUtilWin32Exception(String.Format("DeviceIoControl() failed for file at {0}", linkPath));
}
finally
{
fileHandle.Dispose();
}
bool isRelative = false;
int pathOffset = 0;
LinkType linkType;
if (buffer.ReparseTag == IO_REPARSE_TAG_SYMLINK)
{
UInt32 bufferFlags = Convert.ToUInt32(buffer.PathBuffer[0]) + Convert.ToUInt32(buffer.PathBuffer[1]);
if (bufferFlags == SYMLINK_FLAG_RELATIVE)
isRelative = true;
pathOffset = 2;
linkType = LinkType.SymbolicLink;
}
else if (buffer.ReparseTag == IO_REPARSE_TAG_MOUNT_POINT)
{
linkType = LinkType.JunctionPoint;
}
else
{
string errorMessage = String.Format("Invalid Reparse Tag: {0}", buffer.ReparseTag.ToString());
throw new Exception(errorMessage);
}
string printName = new string(buffer.PathBuffer, (int)(buffer.PrintNameOffset / SIZE_OF_WCHAR) + pathOffset, (int)(buffer.PrintNameLength / SIZE_OF_WCHAR));
string substituteName = new string(buffer.PathBuffer, (int)(buffer.SubstituteNameOffset / SIZE_OF_WCHAR) + pathOffset, (int)(buffer.SubstituteNameLength / SIZE_OF_WCHAR));
// TODO: should we check for \?\UNC\server for convert it to the NT style \\server path
// Remove the leading Windows object directory \?\ from the path if present
string targetPath = substituteName;
if (targetPath.StartsWith("\\??\\"))
targetPath = targetPath.Substring(4, targetPath.Length - 4);
string absolutePath = targetPath;
if (isRelative)
absolutePath = Path.GetFullPath(Path.Combine(new FileInfo(linkPath).Directory.FullName, targetPath));
return new LinkInfo
{
Type = linkType,
PrintName = printName,
SubstituteName = substituteName,
AbsolutePath = absolutePath,
TargetPath = targetPath
};
}
private static void CreateJunctionPoint(string linkPath, string linkTarget)
{
// We need to create the link as a dir beforehand
Directory.CreateDirectory(linkPath);
SafeFileHandle fileHandle = CreateFile(
linkPath,
FileAccess.Write,
FileShare.Read | FileShare.Write | FileShare.None,
IntPtr.Zero,
FileMode.Open,
FILE_FLAG_BACKUP_SEMANTICS | FILE_FLAG_OPEN_REPARSE_POINT,
IntPtr.Zero);
if (fileHandle.IsInvalid)
throw new LinkUtilWin32Exception(String.Format("CreateFile({0}) failed", linkPath));
try
{
string substituteName = "\\??\\" + Path.GetFullPath(linkTarget);
string printName = linkTarget;
REPARSE_DATA_BUFFER buffer = new REPARSE_DATA_BUFFER();
buffer.SubstituteNameOffset = 0;
buffer.SubstituteNameLength = (UInt16)(substituteName.Length * SIZE_OF_WCHAR);
buffer.PrintNameOffset = (UInt16)(buffer.SubstituteNameLength + 2);
buffer.PrintNameLength = (UInt16)(printName.Length * SIZE_OF_WCHAR);
buffer.ReparseTag = IO_REPARSE_TAG_MOUNT_POINT;
buffer.ReparseDataLength = (UInt16)(buffer.SubstituteNameLength + buffer.PrintNameLength + 12);
buffer.PathBuffer = new char[MAXIMUM_REPARSE_DATA_BUFFER_SIZE];
byte[] unicodeBytes = Encoding.Unicode.GetBytes(substituteName + "\0" + printName);
char[] pathBuffer = Encoding.Unicode.GetChars(unicodeBytes);
Array.Copy(pathBuffer, buffer.PathBuffer, pathBuffer.Length);
UInt32 bytesReturned;
if (!DeviceIoControl(
fileHandle,
FSCTL_SET_REPARSE_POINT,
buffer,
(UInt32)(buffer.ReparseDataLength + 8),
IntPtr.Zero, 0,
out bytesReturned,
IntPtr.Zero))
throw new LinkUtilWin32Exception(String.Format("DeviceIoControl() failed to create junction point at {0} to {1}", linkPath, linkTarget));
}
finally
{
fileHandle.Dispose();
}
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 3115 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e91b6a5d-b694-4baa-b391-24c0729485b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=1c836480-24d1-4074-9b68-cc8ba9c40bab
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3114 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e91b6a5d-b694-4baa-b391-24c0729485b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3113 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e91b6a5d-b694-4baa-b391-24c0729485b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3112 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e91b6a5d-b694-4baa-b391-24c0729485b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3111 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e91b6a5d-b694-4baa-b391-24c0729485b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3110 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e91b6a5d-b694-4baa-b391-24c0729485b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3109 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e91b6a5d-b694-4baa-b391-24c0729485b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3108 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e91b6a5d-b694-4baa-b391-24c0729485b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3107 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e91b6a5d-b694-4baa-b391-24c0729485b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3106 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09ff1bd9-41ed-4e8f-b0e6-621cd0021e0b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0f38a954-fb12-4e25-b329-cb132464487f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3105 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09ff1bd9-41ed-4e8f-b0e6-621cd0021e0b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3104 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09ff1bd9-41ed-4e8f-b0e6-621cd0021e0b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3103 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09ff1bd9-41ed-4e8f-b0e6-621cd0021e0b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3102 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09ff1bd9-41ed-4e8f-b0e6-621cd0021e0b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3101 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09ff1bd9-41ed-4e8f-b0e6-621cd0021e0b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3100 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09ff1bd9-41ed-4e8f-b0e6-621cd0021e0b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3099 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ec4942a-17f5-4e34-b108-8c8445c26f40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=46ac7b10-2d6a-4704-bf5e-d36495c8a8a2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3098 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ca528ac8-3dfc-489f-8dc5-9aac0f2a1570
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAG8AdgBhAC0AYwBvAG0AcAB1AHQAZQAgAHwAIAAlAHsAJABfAC4AUwB0AGEAdAB1AHMAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=5a89a49f-bc95-4c26-93fd-bd8b3ade44d3
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3097 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ca528ac8-3dfc-489f-8dc5-9aac0f2a1570
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAG8AdgBhAC0AYwBvAG0AcAB1AHQAZQAgAHwAIAAlAHsAJABfAC4AUwB0AGEAdAB1AHMAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=5a89a49f-bc95-4c26-93fd-bd8b3ade44d3
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3096 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ca528ac8-3dfc-489f-8dc5-9aac0f2a1570
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAG8AdgBhAC0AYwBvAG0AcAB1AHQAZQAgAHwAIAAlAHsAJABfAC4AUwB0AGEAdAB1AHMAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3095 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ca528ac8-3dfc-489f-8dc5-9aac0f2a1570
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAG8AdgBhAC0AYwBvAG0AcAB1AHQAZQAgAHwAIAAlAHsAJABfAC4AUwB0AGEAdAB1AHMAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3094 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ca528ac8-3dfc-489f-8dc5-9aac0f2a1570
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAG8AdgBhAC0AYwBvAG0AcAB1AHQAZQAgAHwAIAAlAHsAJABfAC4AUwB0AGEAdAB1AHMAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3093 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ca528ac8-3dfc-489f-8dc5-9aac0f2a1570
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAG8AdgBhAC0AYwBvAG0AcAB1AHQAZQAgAHwAIAAlAHsAJABfAC4AUwB0AGEAdAB1AHMAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3092 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ca528ac8-3dfc-489f-8dc5-9aac0f2a1570
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAG8AdgBhAC0AYwBvAG0AcAB1AHQAZQAgAHwAIAAlAHsAJABfAC4AUwB0AGEAdAB1AHMAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3091 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ca528ac8-3dfc-489f-8dc5-9aac0f2a1570
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFMAZQByAHYAaQBjAGUAIABuAG8AdgBhAC0AYwBvAG0AcAB1AHQAZQAgAHwAIAAlAHsAJABfAC4AUwB0AGEAdAB1AHMAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3090 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=c7a76a94-35e3-4348-8c9a-a5a237c48d1a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=22a0519c-d1c9-43f1-86d4-90971bedd26a
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 3089 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=c7a76a94-35e3-4348-8c9a-a5a237c48d1a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=22a0519c-d1c9-43f1-86d4-90971bedd26a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3088 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=c7a76a94-35e3-4348-8c9a-a5a237c48d1a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3087 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=c7a76a94-35e3-4348-8c9a-a5a237c48d1a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3086 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=c7a76a94-35e3-4348-8c9a-a5a237c48d1a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3085 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=c7a76a94-35e3-4348-8c9a-a5a237c48d1a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3084 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=c7a76a94-35e3-4348-8c9a-a5a237c48d1a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3083 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=c7a76a94-35e3-4348-8c9a-a5a237c48d1a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3082 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=c7a76a94-35e3-4348-8c9a-a5a237c48d1a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3081 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=c7a76a94-35e3-4348-8c9a-a5a237c48d1a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3080 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ec4942a-17f5-4e34-b108-8c8445c26f40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=46ac7b10-2d6a-4704-bf5e-d36495c8a8a2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3079 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ec4942a-17f5-4e34-b108-8c8445c26f40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3078 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ec4942a-17f5-4e34-b108-8c8445c26f40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3077 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ec4942a-17f5-4e34-b108-8c8445c26f40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3076 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ec4942a-17f5-4e34-b108-8c8445c26f40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3075 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ec4942a-17f5-4e34-b108-8c8445c26f40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3074 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ec4942a-17f5-4e34-b108-8c8445c26f40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3073 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=37
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b8aff9ac-8ceb-47fc-86fc-90de56bed68c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=525587df-d1c3-4964-b06c-183ac33a52f5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3072 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $platform_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=35
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bd7bf56f-bc21-4967-8874-a86c4413e3fd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d24ea16b-5ad7-4b74-ba87-512664dddaaa
PipelineId=8
ScriptName=
CommandLine= Add-Type -TypeDefinition $platform_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.InteropServices;
using System.Security.Principal;
using System.Text;
namespace Ansible.PrivilegeUtil
{
[Flags]
public enum PrivilegeAttributes : uint
{
Disabled = 0x00000000,
EnabledByDefault = 0x00000001,
Enabled = 0x00000002,
Removed = 0x00000004,
UsedForAccess = 0x80000000,
}
internal class NativeHelpers
{
[StructLayout(LayoutKind.Sequential)]
internal struct LUID
{
public UInt32 LowPart;
public Int32 HighPart;
}
[StructLayout(LayoutKind.Sequential)]
internal struct LUID_AND_ATTRIBUTES
{
public LUID Luid;
public PrivilegeAttributes Attributes;
}
[StructLayout(LayoutKind.Sequential)]
internal struct TOKEN_PRIVILEGES
{
public UInt32 PrivilegeCount;
[MarshalAs(UnmanagedType.ByValArray, SizeConst = 1)]
public LUID_AND_ATTRIBUTES[] Privileges;
}
}
internal class NativeMethods
{
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool AdjustTokenPrivileges(
IntPtr TokenHandle,
[MarshalAs(UnmanagedType.Bool)] bool DisableAllPrivileges,
IntPtr NewState,
UInt32 BufferLength,
IntPtr PreviousState,
out UInt32 ReturnLength);
[DllImport("kernel32.dll")]
internal static extern bool CloseHandle(
IntPtr hObject);
[DllImport("kernel32")]
internal static extern SafeWaitHandle GetCurrentProcess();
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool GetTokenInformation(
IntPtr TokenHandle,
UInt32 TokenInformationClass,
IntPtr TokenInformation,
UInt32 TokenInformationLength,
out UInt32 ReturnLength);
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
internal static extern bool LookupPrivilegeName(
string lpSystemName,
ref NativeHelpers.LUID lpLuid,
StringBuilder lpName,
ref UInt32 cchName);
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
internal static extern bool LookupPrivilegeValue(
string lpSystemName,
string lpName,
out NativeHelpers.LUID lpLuid);
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool OpenProcessToken(
SafeHandle ProcessHandle,
TokenAccessLevels DesiredAccess,
out IntPtr TokenHandle);
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class Privileges
{
private static readonly UInt32 TOKEN_PRIVILEGES = 3;
public static bool CheckPrivilegeName(string name)
{
NativeHelpers.LUID luid;
if (!NativeMethods.LookupPrivilegeValue(null, name, out luid))
{
int errCode = Marshal.GetLastWin32Error();
if (errCode != 1313) // ERROR_NO_SUCH_PRIVILEGE
throw new Win32Exception(errCode, String.Format("LookupPrivilegeValue({0}) failed", name));
return false;
}
else
{
return true;
}
}
public static Dictionary<string, bool?> DisablePrivilege(SafeHandle token, string privilege)
{
return SetTokenPrivileges(token, new Dictionary<string, bool?>() { { privilege, false } });
}
public static Dictionary<string, bool?> DisableAllPrivileges(SafeHandle token)
{
return AdjustTokenPrivileges(token, null);
}
public static Dictionary<string, bool?> EnablePrivilege(SafeHandle token, string privilege)
{
return SetTokenPrivileges(token, new Dictionary<string, bool?>() { { privilege, true } });
}
public static Dictionary<String, PrivilegeAttributes> GetAllPrivilegeInfo(SafeHandle token)
{
IntPtr hToken = IntPtr.Zero;
if (!NativeMethods.OpenProcessToken(token, TokenAccessLevels.Query, out hToken))
throw new Win32Exception("OpenProcessToken() failed");
Dictionary<String, PrivilegeAttributes> info = new Dictionary<String, PrivilegeAttributes>();
try
{
UInt32 tokenLength = 0;
NativeMethods.GetTokenInformation(hToken, TOKEN_PRIVILEGES, IntPtr.Zero, 0, out tokenLength);
NativeHelpers.LUID_AND_ATTRIBUTES[] privileges;
IntPtr privilegesPtr = Marshal.AllocHGlobal((int)tokenLength);
try
{
if (!NativeMethods.GetTokenInformation(hToken, TOKEN_PRIVILEGES, privilegesPtr, tokenLength, out tokenLength))
throw new Win32Exception("GetTokenInformation() for TOKEN_PRIVILEGES failed");
NativeHelpers.TOKEN_PRIVILEGES privilegeInfo = (NativeHelpers.TOKEN_PRIVILEGES)Marshal.PtrToStructure(privilegesPtr, typeof(NativeHelpers.TOKEN_PRIVILEGES));
privileges = new NativeHelpers.LUID_AND_ATTRIBUTES[privilegeInfo.PrivilegeCount];
PtrToStructureArray(privileges, IntPtr.Add(privilegesPtr, Marshal.SizeOf(privilegeInfo.PrivilegeCount)));
}
finally
{
Marshal.FreeHGlobal(privilegesPtr);
}
info = privileges.ToDictionary(p => GetPrivilegeName(p.Luid), p => p.Attributes);
}
finally
{
NativeMethods.CloseHandle(hToken);
}
return info;
}
public static SafeWaitHandle GetCurrentProcess()
{
return NativeMethods.GetCurrentProcess();
}
public static void RemovePrivilege(SafeHandle token, string privilege)
{
SetTokenPrivileges(token, new Dictionary<string, bool?>() { { privilege, null } });
}
public static Dictionary<string, bool?> SetTokenPrivileges(SafeHandle token, Dictionary<string, bool?> state)
{
NativeHelpers.LUID_AND_ATTRIBUTES[] privilegeAttr = new NativeHelpers.LUID_AND_ATTRIBUTES[state.Count];
int i = 0;
foreach (KeyValuePair<string, bool?> entry in state)
{
NativeHelpers.LUID luid;
if (!NativeMethods.LookupPrivilegeValue(null, entry.Key, out luid))
throw new Win32Exception(String.Format("LookupPrivilegeValue({0}) failed", entry.Key));
PrivilegeAttributes attributes;
switch (entry.Value)
{
case true:
attributes = PrivilegeAttributes.Enabled;
break;
case false:
attributes = PrivilegeAttributes.Disabled;
break;
default:
attributes = PrivilegeAttributes.Removed;
break;
}
privilegeAttr[i].Luid = luid;
privilegeAttr[i].Attributes = attributes;
i++;
}
return AdjustTokenPrivileges(token, privilegeAttr);
}
private static Dictionary<string, bool?> AdjustTokenPrivileges(SafeHandle token, NativeHelpers.LUID_AND_ATTRIBUTES[] newState)
{
bool disableAllPrivileges;
IntPtr newStatePtr;
NativeHelpers.LUID_AND_ATTRIBUTES[] oldStatePrivileges;
UInt32 returnLength;
if (newState == null)
{
disableAllPrivileges = true;
newStatePtr = IntPtr.Zero;
}
else
{
disableAllPrivileges = false;
// Need to manually marshal the bytes requires for newState as the constant size
// of LUID_AND_ATTRIBUTES is set to 1 and can't be overridden at runtime, TOKEN_PRIVILEGES
// always contains at least 1 entry so we need to calculate the extra size if there are
// nore than 1 LUID_AND_ATTRIBUTES entry
int tokenPrivilegesSize = Marshal.SizeOf(typeof(NativeHelpers.TOKEN_PRIVILEGES));
int luidAttrSize = 0;
if (newState.Length > 1)
luidAttrSize = Marshal.SizeOf(typeof(NativeHelpers.LUID_AND_ATTRIBUTES)) * (newState.Length - 1);
int totalSize = tokenPrivilegesSize + luidAttrSize;
byte[] newStateBytes = new byte[totalSize];
// get the first entry that includes the struct details
NativeHelpers.TOKEN_PRIVILEGES tokenPrivileges = new NativeHelpers.TOKEN_PRIVILEGES()
{
PrivilegeCount = (UInt32)newState.Length,
Privileges = new NativeHelpers.LUID_AND_ATTRIBUTES[1],
};
if (newState.Length > 0)
tokenPrivileges.Privileges[0] = newState[0];
int offset = StructureToBytes(tokenPrivileges, newStateBytes, 0);
// copy the remaining LUID_AND_ATTRIBUTES (if any)
for (int i = 1; i < newState.Length; i++)
offset += StructureToBytes(newState[i], newStateBytes, offset);
// finally create the pointer to the byte array we just created
newStatePtr = Marshal.AllocHGlobal(newStateBytes.Length);
Marshal.Copy(newStateBytes, 0, newStatePtr, newStateBytes.Length);
}
try
{
IntPtr hToken = IntPtr.Zero;
if (!NativeMethods.OpenProcessToken(token, TokenAccessLevels.Query | TokenAccessLevels.AdjustPrivileges, out hToken))
throw new Win32Exception("OpenProcessToken() failed with Query and AdjustPrivileges");
try
{
IntPtr oldStatePtr = Marshal.AllocHGlobal(0);
if (!NativeMethods.AdjustTokenPrivileges(hToken, disableAllPrivileges, newStatePtr, 0, oldStatePtr, out returnLength))
{
int errCode = Marshal.GetLastWin32Error();
if (errCode != 122) // ERROR_INSUFFICIENT_BUFFER
throw new Win32Exception(errCode, "AdjustTokenPrivileges() failed to get old state size");
}
// resize the oldStatePtr based on the length returned from Windows
Marshal.FreeHGlobal(oldStatePtr);
oldStatePtr = Marshal.AllocHGlobal((int)returnLength);
try
{
bool res = NativeMethods.AdjustTokenPrivileges(hToken, disableAllPrivileges, newStatePtr, returnLength, oldStatePtr, out returnLength);
int errCode = Marshal.GetLastWin32Error();
// even when res == true, ERROR_NOT_ALL_ASSIGNED may be set as the last error code
if (!res || errCode != 0)
throw new Win32Exception(errCode, "AdjustTokenPrivileges() failed");
// Marshal the oldStatePtr to the struct
NativeHelpers.TOKEN_PRIVILEGES oldState = (NativeHelpers.TOKEN_PRIVILEGES)Marshal.PtrToStructure(oldStatePtr, typeof(NativeHelpers.TOKEN_PRIVILEGES));
oldStatePrivileges = new NativeHelpers.LUID_AND_ATTRIBUTES[oldState.PrivilegeCount];
PtrToStructureArray(oldStatePrivileges, IntPtr.Add(oldStatePtr, Marshal.SizeOf(oldState.PrivilegeCount)));
}
finally
{
Marshal.FreeHGlobal(oldStatePtr);
}
}
finally
{
NativeMethods.CloseHandle(hToken);
}
}
finally
{
if (newStatePtr != IntPtr.Zero)
Marshal.FreeHGlobal(newStatePtr);
}
return oldStatePrivileges.ToDictionary(p => GetPrivilegeName(p.Luid), p => (bool?)p.Attributes.HasFlag(PrivilegeAttributes.Enabled));
}
private static string GetPrivilegeName(NativeHelpers.LUID luid)
{
UInt32 nameLen = 0;
NativeMethods.LookupPrivilegeName(null, ref luid, null, ref nameLen);
StringBuilder name = new StringBuilder((int)(nameLen + 1));
if (!NativeMethods.LookupPrivilegeName(null, ref luid, name, ref nameLen))
throw new Win32Exception("LookupPrivilegeName() failed");
return name.ToString();
}
private static void PtrToStructureArray<T>(T[] array, IntPtr ptr)
{
IntPtr ptrOffset = ptr;
for (int i = 0; i < array.Length; i++, ptrOffset = IntPtr.Add(ptrOffset, Marshal.SizeOf(typeof(T))))
array[i] = (T)Marshal.PtrToStructure(ptrOffset, typeof(T));
}
private static int StructureToBytes<T>(T structure, byte[] array, int offset)
{
int size = Marshal.SizeOf(structure);
IntPtr structPtr = Marshal.AllocHGlobal(size);
try
{
Marshal.StructureToPtr(structure, structPtr, false);
Marshal.Copy(structPtr, array, offset, size);
}
finally
{
Marshal.FreeHGlobal(structPtr);
}
return size;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 3071 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $link_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bd7bf56f-bc21-4967-8874-a86c4413e3fd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d24ea16b-5ad7-4b74-ba87-512664dddaaa
PipelineId=8
ScriptName=
CommandLine= Add-Type -TypeDefinition $link_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections.Generic;
using System.IO;
using System.Runtime.InteropServices;
using System.Text;
namespace Ansible
{
public enum LinkType
{
SymbolicLink,
JunctionPoint,
HardLink
}
public class LinkUtilWin32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public LinkUtilWin32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public LinkUtilWin32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator LinkUtilWin32Exception(string message) { return new LinkUtilWin32Exception(message); }
}
public class LinkInfo
{
public LinkType Type { get; internal set; }
public string PrintName { get; internal set; }
public string SubstituteName { get; internal set; }
public string AbsolutePath { get; internal set; }
public string TargetPath { get; internal set; }
public string[] HardTargets { get; internal set; }
}
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
public struct REPARSE_DATA_BUFFER
{
public UInt32 ReparseTag;
public UInt16 ReparseDataLength;
public UInt16 Reserved;
public UInt16 SubstituteNameOffset;
public UInt16 SubstituteNameLength;
public UInt16 PrintNameOffset;
public UInt16 PrintNameLength;
[MarshalAs(UnmanagedType.ByValArray, SizeConst = LinkUtil.MAXIMUM_REPARSE_DATA_BUFFER_SIZE)]
public char[] PathBuffer;
}
public class LinkUtil
{
public const int MAXIMUM_REPARSE_DATA_BUFFER_SIZE = 1024 * 16;
private const UInt32 FILE_FLAG_BACKUP_SEMANTICS = 0x02000000;
private const UInt32 FILE_FLAG_OPEN_REPARSE_POINT = 0x00200000;
private const UInt32 FSCTL_GET_REPARSE_POINT = 0x000900A8;
private const UInt32 FSCTL_SET_REPARSE_POINT = 0x000900A4;
private const UInt32 FILE_DEVICE_FILE_SYSTEM = 0x00090000;
private const UInt32 IO_REPARSE_TAG_MOUNT_POINT = 0xA0000003;
private const UInt32 IO_REPARSE_TAG_SYMLINK = 0xA000000C;
private const UInt32 SYMLINK_FLAG_RELATIVE = 0x00000001;
private const Int64 INVALID_HANDLE_VALUE = -1;
private const UInt32 SIZE_OF_WCHAR = 2;
private const UInt32 SYMBOLIC_LINK_FLAG_FILE = 0x00000000;
private const UInt32 SYMBOLIC_LINK_FLAG_DIRECTORY = 0x00000001;
[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
private static extern SafeFileHandle CreateFile(
string lpFileName,
[MarshalAs(UnmanagedType.U4)] FileAccess dwDesiredAccess,
[MarshalAs(UnmanagedType.U4)] FileShare dwShareMode,
IntPtr lpSecurityAttributes,
[MarshalAs(UnmanagedType.U4)] FileMode dwCreationDisposition,
UInt32 dwFlagsAndAttributes,
IntPtr hTemplateFile);
// Used by GetReparsePointInfo()
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool DeviceIoControl(
SafeFileHandle hDevice,
UInt32 dwIoControlCode,
IntPtr lpInBuffer,
UInt32 nInBufferSize,
out REPARSE_DATA_BUFFER lpOutBuffer,
UInt32 nOutBufferSize,
out UInt32 lpBytesReturned,
IntPtr lpOverlapped);
// Used by CreateJunctionPoint()
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool DeviceIoControl(
SafeFileHandle hDevice,
UInt32 dwIoControlCode,
REPARSE_DATA_BUFFER lpInBuffer,
UInt32 nInBufferSize,
IntPtr lpOutBuffer,
UInt32 nOutBufferSize,
out UInt32 lpBytesReturned,
IntPtr lpOverlapped);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool GetVolumePathName(
string lpszFileName,
StringBuilder lpszVolumePathName,
ref UInt32 cchBufferLength);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern IntPtr FindFirstFileNameW(
string lpFileName,
UInt32 dwFlags,
ref UInt32 StringLength,
StringBuilder LinkName);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool FindNextFileNameW(
IntPtr hFindStream,
ref UInt32 StringLength,
StringBuilder LinkName);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool FindClose(
IntPtr hFindFile);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool RemoveDirectory(
string lpPathName);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool DeleteFile(
string lpFileName);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool CreateSymbolicLink(
string lpSymlinkFileName,
string lpTargetFileName,
UInt32 dwFlags);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Auto)]
private static extern bool CreateHardLink(
string lpFileName,
string lpExistingFileName,
IntPtr lpSecurityAttributes);
public static LinkInfo GetLinkInfo(string linkPath)
{
FileAttributes attr = File.GetAttributes(linkPath);
if (attr.HasFlag(FileAttributes.ReparsePoint))
return GetReparsePointInfo(linkPath);
if (!attr.HasFlag(FileAttributes.Directory))
return GetHardLinkInfo(linkPath);
return null;
}
public static void DeleteLink(string linkPath)
{
bool success;
FileAttributes attr = File.GetAttributes(linkPath);
if (attr.HasFlag(FileAttributes.Directory))
{
success = RemoveDirectory(linkPath);
}
else
{
success = DeleteFile(linkPath);
}
if (!success)
throw new LinkUtilWin32Exception(String.Format("Failed to delete link at {0}", linkPath));
}
public static void CreateLink(string linkPath, String linkTarget, LinkType linkType)
{
switch (linkType)
{
case LinkType.SymbolicLink:
UInt32 linkFlags;
FileAttributes attr = File.GetAttributes(linkTarget);
if (attr.HasFlag(FileAttributes.Directory))
linkFlags = SYMBOLIC_LINK_FLAG_DIRECTORY;
else
linkFlags = SYMBOLIC_LINK_FLAG_FILE;
if (!CreateSymbolicLink(linkPath, linkTarget, linkFlags))
throw new LinkUtilWin32Exception(String.Format("CreateSymbolicLink({0}, {1}, {2}) failed", linkPath, linkTarget, linkFlags));
break;
case LinkType.JunctionPoint:
CreateJunctionPoint(linkPath, linkTarget);
break;
case LinkType.HardLink:
if (!CreateHardLink(linkPath, linkTarget, IntPtr.Zero))
throw new LinkUtilWin32Exception(String.Format("CreateHardLink({0}, {1}) failed", linkPath, linkTarget));
break;
}
}
private static LinkInfo GetHardLinkInfo(string linkPath)
{
UInt32 maxPath = 260;
List<string> result = new List<string>();
StringBuilder sb = new StringBuilder((int)maxPath);
UInt32 stringLength = maxPath;
if (!GetVolumePathName(linkPath, sb, ref stringLength))
throw new LinkUtilWin32Exception("GetVolumePathName() failed");
string volume = sb.ToString();
stringLength = maxPath;
IntPtr findHandle = FindFirstFileNameW(linkPath, 0, ref stringLength, sb);
if (findHandle.ToInt64() != INVALID_HANDLE_VALUE)
{
try
{
do
{
string hardLinkPath = sb.ToString();
if (hardLinkPath.StartsWith("\\"))
hardLinkPath = hardLinkPath.Substring(1, hardLinkPath.Length - 1);
result.Add(Path.Combine(volume, hardLinkPath));
stringLength = maxPath;
} while (FindNextFileNameW(findHandle, ref stringLength, sb));
}
finally
{
FindClose(findHandle);
}
}
if (result.Count > 1)
return new LinkInfo
{
Type = LinkType.HardLink,
HardTargets = result.ToArray()
};
return null;
}
private static LinkInfo GetReparsePointInfo(string linkPath)
{
SafeFileHandle fileHandle = CreateFile(
linkPath,
FileAccess.Read,
FileShare.None,
IntPtr.Zero,
FileMode.Open,
FILE_FLAG_OPEN_REPARSE_POINT | FILE_FLAG_BACKUP_SEMANTICS,
IntPtr.Zero);
if (fileHandle.IsInvalid)
throw new LinkUtilWin32Exception(String.Format("CreateFile({0}) failed", linkPath));
REPARSE_DATA_BUFFER buffer = new REPARSE_DATA_BUFFER();
UInt32 bytesReturned;
try
{
if (!DeviceIoControl(
fileHandle,
FSCTL_GET_REPARSE_POINT,
IntPtr.Zero,
0,
out buffer,
MAXIMUM_REPARSE_DATA_BUFFER_SIZE,
out bytesReturned,
IntPtr.Zero))
throw new LinkUtilWin32Exception(String.Format("DeviceIoControl() failed for file at {0}", linkPath));
}
finally
{
fileHandle.Dispose();
}
bool isRelative = false;
int pathOffset = 0;
LinkType linkType;
if (buffer.ReparseTag == IO_REPARSE_TAG_SYMLINK)
{
UInt32 bufferFlags = Convert.ToUInt32(buffer.PathBuffer[0]) + Convert.ToUInt32(buffer.PathBuffer[1]);
if (bufferFlags == SYMLINK_FLAG_RELATIVE)
isRelative = true;
pathOffset = 2;
linkType = LinkType.SymbolicLink;
}
else if (buffer.ReparseTag == IO_REPARSE_TAG_MOUNT_POINT)
{
linkType = LinkType.JunctionPoint;
}
else
{
string errorMessage = String.Format("Invalid Reparse Tag: {0}", buffer.ReparseTag.ToString());
throw new Exception(errorMessage);
}
string printName = new string(buffer.PathBuffer, (int)(buffer.PrintNameOffset / SIZE_OF_WCHAR) + pathOffset, (int)(buffer.PrintNameLength / SIZE_OF_WCHAR));
string substituteName = new string(buffer.PathBuffer, (int)(buffer.SubstituteNameOffset / SIZE_OF_WCHAR) + pathOffset, (int)(buffer.SubstituteNameLength / SIZE_OF_WCHAR));
// TODO: should we check for \?\UNC\server for convert it to the NT style \\server path
// Remove the leading Windows object directory \?\ from the path if present
string targetPath = substituteName;
if (targetPath.StartsWith("\\??\\"))
targetPath = targetPath.Substring(4, targetPath.Length - 4);
string absolutePath = targetPath;
if (isRelative)
absolutePath = Path.GetFullPath(Path.Combine(new FileInfo(linkPath).Directory.FullName, targetPath));
return new LinkInfo
{
Type = linkType,
PrintName = printName,
SubstituteName = substituteName,
AbsolutePath = absolutePath,
TargetPath = targetPath
};
}
private static void CreateJunctionPoint(string linkPath, string linkTarget)
{
// We need to create the link as a dir beforehand
Directory.CreateDirectory(linkPath);
SafeFileHandle fileHandle = CreateFile(
linkPath,
FileAccess.Write,
FileShare.Read | FileShare.Write | FileShare.None,
IntPtr.Zero,
FileMode.Open,
FILE_FLAG_BACKUP_SEMANTICS | FILE_FLAG_OPEN_REPARSE_POINT,
IntPtr.Zero);
if (fileHandle.IsInvalid)
throw new LinkUtilWin32Exception(String.Format("CreateFile({0}) failed", linkPath));
try
{
string substituteName = "\\??\\" + Path.GetFullPath(linkTarget);
string printName = linkTarget;
REPARSE_DATA_BUFFER buffer = new REPARSE_DATA_BUFFER();
buffer.SubstituteNameOffset = 0;
buffer.SubstituteNameLength = (UInt16)(substituteName.Length * SIZE_OF_WCHAR);
buffer.PrintNameOffset = (UInt16)(buffer.SubstituteNameLength + 2);
buffer.PrintNameLength = (UInt16)(printName.Length * SIZE_OF_WCHAR);
buffer.ReparseTag = IO_REPARSE_TAG_MOUNT_POINT;
buffer.ReparseDataLength = (UInt16)(buffer.SubstituteNameLength + buffer.PrintNameLength + 12);
buffer.PathBuffer = new char[MAXIMUM_REPARSE_DATA_BUFFER_SIZE];
byte[] unicodeBytes = Encoding.Unicode.GetBytes(substituteName + "\0" + printName);
char[] pathBuffer = Encoding.Unicode.GetChars(unicodeBytes);
Array.Copy(pathBuffer, buffer.PathBuffer, pathBuffer.Length);
UInt32 bytesReturned;
if (!DeviceIoControl(
fileHandle,
FSCTL_SET_REPARSE_POINT,
buffer,
(UInt32)(buffer.ReparseDataLength + 8),
IntPtr.Zero, 0,
out bytesReturned,
IntPtr.Zero))
throw new LinkUtilWin32Exception(String.Format("DeviceIoControl() failed to create junction point at {0} to {1}", linkPath, linkTarget));
}
finally
{
fileHandle.Dispose();
}
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 3070 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bd7bf56f-bc21-4967-8874-a86c4413e3fd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d24ea16b-5ad7-4b74-ba87-512664dddaaa
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3069 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bd7bf56f-bc21-4967-8874-a86c4413e3fd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3068 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bd7bf56f-bc21-4967-8874-a86c4413e3fd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3067 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bd7bf56f-bc21-4967-8874-a86c4413e3fd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3066 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bd7bf56f-bc21-4967-8874-a86c4413e3fd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3065 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bd7bf56f-bc21-4967-8874-a86c4413e3fd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3064 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bd7bf56f-bc21-4967-8874-a86c4413e3fd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3063 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bd7bf56f-bc21-4967-8874-a86c4413e3fd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3062 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bd7bf56f-bc21-4967-8874-a86c4413e3fd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3061 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b8aff9ac-8ceb-47fc-86fc-90de56bed68c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=525587df-d1c3-4964-b06c-183ac33a52f5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3060 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b8aff9ac-8ceb-47fc-86fc-90de56bed68c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3059 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b8aff9ac-8ceb-47fc-86fc-90de56bed68c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3058 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b8aff9ac-8ceb-47fc-86fc-90de56bed68c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3057 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b8aff9ac-8ceb-47fc-86fc-90de56bed68c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3056 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b8aff9ac-8ceb-47fc-86fc-90de56bed68c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3055 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b8aff9ac-8ceb-47fc-86fc-90de56bed68c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3054 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=36
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2212092d-36b6-4ecd-a634-4c165fae555c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=31b371bf-da8e-4223-bf97-de2d32803d09
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3053 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -AssemblyName System.DirectoryServices.AccountManagement
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=34
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6ba7c072-34c0-4b67-ba66-6098c26e0357
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=8047e1c6-2868-4de9-8a9b-d9f5dc4121b3
PipelineId=5
ScriptName=
CommandLine= Add-Type -AssemblyName System.DirectoryServices.AccountManagement
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="AssemblyName"; value="System.DirectoryServices.AccountManagement"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 3052 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6ba7c072-34c0-4b67-ba66-6098c26e0357
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=8047e1c6-2868-4de9-8a9b-d9f5dc4121b3
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3051 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6ba7c072-34c0-4b67-ba66-6098c26e0357
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3050 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6ba7c072-34c0-4b67-ba66-6098c26e0357
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3049 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6ba7c072-34c0-4b67-ba66-6098c26e0357
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3048 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6ba7c072-34c0-4b67-ba66-6098c26e0357
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3047 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6ba7c072-34c0-4b67-ba66-6098c26e0357
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3046 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6ba7c072-34c0-4b67-ba66-6098c26e0357
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3045 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6ba7c072-34c0-4b67-ba66-6098c26e0357
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3044 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6ba7c072-34c0-4b67-ba66-6098c26e0357
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3043 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2212092d-36b6-4ecd-a634-4c165fae555c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=31b371bf-da8e-4223-bf97-de2d32803d09
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3042 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2212092d-36b6-4ecd-a634-4c165fae555c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3041 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2212092d-36b6-4ecd-a634-4c165fae555c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3040 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2212092d-36b6-4ecd-a634-4c165fae555c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3039 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2212092d-36b6-4ecd-a634-4c165fae555c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3038 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2212092d-36b6-4ecd-a634-4c165fae555c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3037 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2212092d-36b6-4ecd-a634-4c165fae555c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3036 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:20:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7c12b23-6314-4235-83c5-5a43f16842c6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=c92bbda1-066a-4a1b-9973-3c0a9586794a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3035 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4e4c3743-2db6-4666-8f73-c9335840fb49
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d6451f40-080a-46ee-83bc-affb17279c61
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3034 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4e4c3743-2db6-4666-8f73-c9335840fb49
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3033 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4e4c3743-2db6-4666-8f73-c9335840fb49
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3032 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4e4c3743-2db6-4666-8f73-c9335840fb49
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3031 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4e4c3743-2db6-4666-8f73-c9335840fb49
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3030 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4e4c3743-2db6-4666-8f73-c9335840fb49
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3029 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4e4c3743-2db6-4666-8f73-c9335840fb49
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3028 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4e4c3743-2db6-4666-8f73-c9335840fb49
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3027 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4e4c3743-2db6-4666-8f73-c9335840fb49
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3026 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7c12b23-6314-4235-83c5-5a43f16842c6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=c92bbda1-066a-4a1b-9973-3c0a9586794a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3025 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7c12b23-6314-4235-83c5-5a43f16842c6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3024 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7c12b23-6314-4235-83c5-5a43f16842c6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3023 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7c12b23-6314-4235-83c5-5a43f16842c6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3022 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7c12b23-6314-4235-83c5-5a43f16842c6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3021 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7c12b23-6314-4235-83c5-5a43f16842c6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3020 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7c12b23-6314-4235-83c5-5a43f16842c6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3019 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=52de4b95-74d7-4eee-8f41-e84d0e2c8527
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=89f91a44-9f6f-47d7-ae80-ebf320e57bb4
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3018 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1b460805-51d8-47bc-b7e2-1f8aa9cd0f00
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=77708e96-5fb9-41da-9651-609368773804
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3017 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1b460805-51d8-47bc-b7e2-1f8aa9cd0f00
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3016 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1b460805-51d8-47bc-b7e2-1f8aa9cd0f00
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3015 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1b460805-51d8-47bc-b7e2-1f8aa9cd0f00
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3014 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1b460805-51d8-47bc-b7e2-1f8aa9cd0f00
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3013 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1b460805-51d8-47bc-b7e2-1f8aa9cd0f00
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3012 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1b460805-51d8-47bc-b7e2-1f8aa9cd0f00
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3011 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1b460805-51d8-47bc-b7e2-1f8aa9cd0f00
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3010 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1b460805-51d8-47bc-b7e2-1f8aa9cd0f00
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3009 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=52de4b95-74d7-4eee-8f41-e84d0e2c8527
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=89f91a44-9f6f-47d7-ae80-ebf320e57bb4
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3008 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=52de4b95-74d7-4eee-8f41-e84d0e2c8527
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3007 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=52de4b95-74d7-4eee-8f41-e84d0e2c8527
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3006 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=52de4b95-74d7-4eee-8f41-e84d0e2c8527
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3005 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=52de4b95-74d7-4eee-8f41-e84d0e2c8527
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3004 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=52de4b95-74d7-4eee-8f41-e84d0e2c8527
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3003 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=52de4b95-74d7-4eee-8f41-e84d0e2c8527
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3002 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=11dbda57-b348-456c-b072-8fa1eee54e40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=af81ed86-50ec-4881-88d7-e9b8b3f4dfd9
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 3001 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=df48e825-7534-4f4b-a936-58da2b8278ef
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=91d9ebf4-8e7e-44c1-9185-7bd8defa8ba8
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 3000 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=df48e825-7534-4f4b-a936-58da2b8278ef
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2999 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=df48e825-7534-4f4b-a936-58da2b8278ef
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2998 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=df48e825-7534-4f4b-a936-58da2b8278ef
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2997 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=df48e825-7534-4f4b-a936-58da2b8278ef
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2996 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=df48e825-7534-4f4b-a936-58da2b8278ef
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2995 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=df48e825-7534-4f4b-a936-58da2b8278ef
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2994 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=df48e825-7534-4f4b-a936-58da2b8278ef
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2993 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=df48e825-7534-4f4b-a936-58da2b8278ef
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2992 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=11dbda57-b348-456c-b072-8fa1eee54e40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=af81ed86-50ec-4881-88d7-e9b8b3f4dfd9
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2991 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=11dbda57-b348-456c-b072-8fa1eee54e40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2990 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=11dbda57-b348-456c-b072-8fa1eee54e40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2989 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=11dbda57-b348-456c-b072-8fa1eee54e40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2988 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=11dbda57-b348-456c-b072-8fa1eee54e40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2987 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=11dbda57-b348-456c-b072-8fa1eee54e40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2986 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=11dbda57-b348-456c-b072-8fa1eee54e40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2985 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c61815c7-8602-4263-8ac6-0d54b7c8e2f3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=dfdb9adb-cee8-4cfa-a9ae-3d83fc170fee
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2984 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a5cc2e1d-947f-4afd-a45a-3158a0584747
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=4fda839b-a876-4930-917e-ee5c961db1c8
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2983 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a5cc2e1d-947f-4afd-a45a-3158a0584747
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2982 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a5cc2e1d-947f-4afd-a45a-3158a0584747
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2981 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a5cc2e1d-947f-4afd-a45a-3158a0584747
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2980 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a5cc2e1d-947f-4afd-a45a-3158a0584747
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2979 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a5cc2e1d-947f-4afd-a45a-3158a0584747
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2978 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a5cc2e1d-947f-4afd-a45a-3158a0584747
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2977 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a5cc2e1d-947f-4afd-a45a-3158a0584747
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2976 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a5cc2e1d-947f-4afd-a45a-3158a0584747
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2975 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c61815c7-8602-4263-8ac6-0d54b7c8e2f3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=dfdb9adb-cee8-4cfa-a9ae-3d83fc170fee
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2974 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c61815c7-8602-4263-8ac6-0d54b7c8e2f3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2973 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c61815c7-8602-4263-8ac6-0d54b7c8e2f3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2972 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c61815c7-8602-4263-8ac6-0d54b7c8e2f3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2971 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c61815c7-8602-4263-8ac6-0d54b7c8e2f3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2970 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c61815c7-8602-4263-8ac6-0d54b7c8e2f3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2969 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c61815c7-8602-4263-8ac6-0d54b7c8e2f3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2968 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bbe4d196-6221-4323-a511-6b5b32314871
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f095d887-07d6-407e-ba22-ab669d95ddee
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2967 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=df359ace-2ac9-4e18-b8e9-5561f0cbd7ed
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=2fc36036-f3e3-4faf-8a7b-52ee6463e6f9
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2966 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=df359ace-2ac9-4e18-b8e9-5561f0cbd7ed
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2965 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=df359ace-2ac9-4e18-b8e9-5561f0cbd7ed
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2964 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=df359ace-2ac9-4e18-b8e9-5561f0cbd7ed
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2963 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=df359ace-2ac9-4e18-b8e9-5561f0cbd7ed
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2962 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=df359ace-2ac9-4e18-b8e9-5561f0cbd7ed
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2961 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=df359ace-2ac9-4e18-b8e9-5561f0cbd7ed
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2960 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=df359ace-2ac9-4e18-b8e9-5561f0cbd7ed
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2959 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=df359ace-2ac9-4e18-b8e9-5561f0cbd7ed
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2958 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bbe4d196-6221-4323-a511-6b5b32314871
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f095d887-07d6-407e-ba22-ab669d95ddee
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2957 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bbe4d196-6221-4323-a511-6b5b32314871
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2956 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bbe4d196-6221-4323-a511-6b5b32314871
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2955 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bbe4d196-6221-4323-a511-6b5b32314871
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2954 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bbe4d196-6221-4323-a511-6b5b32314871
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2953 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bbe4d196-6221-4323-a511-6b5b32314871
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2952 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bbe4d196-6221-4323-a511-6b5b32314871
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2951 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=34
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f7d4994e-bc2c-4ce4-aebb-1a430518169d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=c6260c00-0609-47db-b3c6-cd3039019208
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2950 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d7050d73-23fc-437d-9d60-27584c185e08
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=709519f1-c6d1-4230-880a-191dc1409b04
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2949 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d7050d73-23fc-437d-9d60-27584c185e08
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2948 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d7050d73-23fc-437d-9d60-27584c185e08
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2947 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d7050d73-23fc-437d-9d60-27584c185e08
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2946 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d7050d73-23fc-437d-9d60-27584c185e08
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2945 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d7050d73-23fc-437d-9d60-27584c185e08
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2944 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d7050d73-23fc-437d-9d60-27584c185e08
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2943 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d7050d73-23fc-437d-9d60-27584c185e08
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2942 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d7050d73-23fc-437d-9d60-27584c185e08
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2941 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f7d4994e-bc2c-4ce4-aebb-1a430518169d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=c6260c00-0609-47db-b3c6-cd3039019208
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2940 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f7d4994e-bc2c-4ce4-aebb-1a430518169d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2939 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f7d4994e-bc2c-4ce4-aebb-1a430518169d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2938 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f7d4994e-bc2c-4ce4-aebb-1a430518169d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2937 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f7d4994e-bc2c-4ce4-aebb-1a430518169d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2936 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f7d4994e-bc2c-4ce4-aebb-1a430518169d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2935 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f7d4994e-bc2c-4ce4-aebb-1a430518169d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2934 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a6317b84-7fb2-4058-802d-9fc44c850849
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=cfe93aa7-1283-4b89-a142-408246274d18
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2933 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $symlink_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=32771b1b-7392-42f8-a226-a8cd61ed248f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=aebb886f-3ac5-4ee3-9254-282cd533ccd2
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $symlink_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
namespace Ansible.Command {
public class SymLinkHelper {
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool DeleteFileW(string lpFileName);
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool RemoveDirectoryW(string lpPathName);
public static void DeleteDirectory(string path) {
if (!RemoveDirectoryW(path))
throw new Exception(String.Format("RemoveDirectoryW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
public static void DeleteFile(string path) {
if (!DeleteFileW(path))
throw new Exception(String.Format("DeleteFileW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 2932 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=32771b1b-7392-42f8-a226-a8cd61ed248f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=aebb886f-3ac5-4ee3-9254-282cd533ccd2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2931 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=32771b1b-7392-42f8-a226-a8cd61ed248f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2930 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=32771b1b-7392-42f8-a226-a8cd61ed248f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2929 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=32771b1b-7392-42f8-a226-a8cd61ed248f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2928 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=32771b1b-7392-42f8-a226-a8cd61ed248f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2927 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=32771b1b-7392-42f8-a226-a8cd61ed248f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2926 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=32771b1b-7392-42f8-a226-a8cd61ed248f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2925 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=32771b1b-7392-42f8-a226-a8cd61ed248f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2924 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=32771b1b-7392-42f8-a226-a8cd61ed248f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2923 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a6317b84-7fb2-4058-802d-9fc44c850849
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=cfe93aa7-1283-4b89-a142-408246274d18
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2922 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a6317b84-7fb2-4058-802d-9fc44c850849
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2921 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a6317b84-7fb2-4058-802d-9fc44c850849
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2920 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a6317b84-7fb2-4058-802d-9fc44c850849
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2919 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a6317b84-7fb2-4058-802d-9fc44c850849
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2918 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a6317b84-7fb2-4058-802d-9fc44c850849
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2917 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a6317b84-7fb2-4058-802d-9fc44c850849
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2916 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=36
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f701812b-30dd-47af-a19a-54223bf239ca
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=cc6bbdb7-e716-4d94-94fb-2b135ef942a6
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2915 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -AssemblyName System.DirectoryServices.AccountManagement
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=34
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6cd74aef-165b-4bc4-ac92-16a2b5d2b57b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f19810e3-cc56-4fd0-8dd1-f91abcda9007
PipelineId=5
ScriptName=
CommandLine= Add-Type -AssemblyName System.DirectoryServices.AccountManagement
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="AssemblyName"; value="System.DirectoryServices.AccountManagement"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 2914 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6cd74aef-165b-4bc4-ac92-16a2b5d2b57b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f19810e3-cc56-4fd0-8dd1-f91abcda9007
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2913 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6cd74aef-165b-4bc4-ac92-16a2b5d2b57b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2912 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6cd74aef-165b-4bc4-ac92-16a2b5d2b57b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2911 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6cd74aef-165b-4bc4-ac92-16a2b5d2b57b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2910 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6cd74aef-165b-4bc4-ac92-16a2b5d2b57b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2909 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6cd74aef-165b-4bc4-ac92-16a2b5d2b57b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2908 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6cd74aef-165b-4bc4-ac92-16a2b5d2b57b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2907 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6cd74aef-165b-4bc4-ac92-16a2b5d2b57b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2906 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6cd74aef-165b-4bc4-ac92-16a2b5d2b57b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2905 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f701812b-30dd-47af-a19a-54223bf239ca
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=cc6bbdb7-e716-4d94-94fb-2b135ef942a6
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2904 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f701812b-30dd-47af-a19a-54223bf239ca
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2903 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f701812b-30dd-47af-a19a-54223bf239ca
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2902 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f701812b-30dd-47af-a19a-54223bf239ca
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2901 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f701812b-30dd-47af-a19a-54223bf239ca
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2900 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f701812b-30dd-47af-a19a-54223bf239ca
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2899 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f701812b-30dd-47af-a19a-54223bf239ca
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2898 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:19:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=67108991-71df-47d7-968d-500faf92daba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f911bf4a-2cba-4574-b9cd-3dd46c1a3a23
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2897 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=25e93306-7fd9-4573-b3d3-7eebfa6b197e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7c991e62-6e93-4fc7-ab46-449368e1c8e5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2896 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=25e93306-7fd9-4573-b3d3-7eebfa6b197e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2895 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=25e93306-7fd9-4573-b3d3-7eebfa6b197e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2894 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=25e93306-7fd9-4573-b3d3-7eebfa6b197e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2893 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=25e93306-7fd9-4573-b3d3-7eebfa6b197e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2892 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=25e93306-7fd9-4573-b3d3-7eebfa6b197e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2891 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=25e93306-7fd9-4573-b3d3-7eebfa6b197e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2890 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=25e93306-7fd9-4573-b3d3-7eebfa6b197e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2889 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=25e93306-7fd9-4573-b3d3-7eebfa6b197e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2888 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=67108991-71df-47d7-968d-500faf92daba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f911bf4a-2cba-4574-b9cd-3dd46c1a3a23
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2887 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=67108991-71df-47d7-968d-500faf92daba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2886 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=67108991-71df-47d7-968d-500faf92daba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2885 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=67108991-71df-47d7-968d-500faf92daba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2884 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=67108991-71df-47d7-968d-500faf92daba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2883 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=67108991-71df-47d7-968d-500faf92daba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2882 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=67108991-71df-47d7-968d-500faf92daba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2881 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cbce11c1-3635-4e73-9dee-21fd9dbe8b5c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQA0AEEARABJAEEATQBnAEEAdQBBAEQARQBBAE0AUQBBAHQAQQBEAEUAQQBOAFEAQQB5AEEARABjAEEATwBBAEEAMABBAEQAawBBAE0AQQBBADMAQQBEAGsAQQBNAHcAQQB5AEEARABJAEEATQBnAEEAMQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=092e6f32-3290-4e3b-9332-8299dca702d4
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2880 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4afc0635-d228-4726-92c9-75aab460c35d
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA4ADIAMgAuADEAMQAtADEANQAyADcAOAA0ADkAMAA3ADkAMwAyADIAMgA1ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=edb2857f-cbbd-46a0-a319-4a21b8e103ef
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2879 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4afc0635-d228-4726-92c9-75aab460c35d
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA4ADIAMgAuADEAMQAtADEANQAyADcAOAA0ADkAMAA3ADkAMwAyADIAMgA1ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=edb2857f-cbbd-46a0-a319-4a21b8e103ef
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2878 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4afc0635-d228-4726-92c9-75aab460c35d
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA4ADIAMgAuADEAMQAtADEANQAyADcAOAA0ADkAMAA3ADkAMwAyADIAMgA1ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2877 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4afc0635-d228-4726-92c9-75aab460c35d
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA4ADIAMgAuADEAMQAtADEANQAyADcAOAA0ADkAMAA3ADkAMwAyADIAMgA1ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2876 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4afc0635-d228-4726-92c9-75aab460c35d
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA4ADIAMgAuADEAMQAtADEANQAyADcAOAA0ADkAMAA3ADkAMwAyADIAMgA1ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2875 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4afc0635-d228-4726-92c9-75aab460c35d
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA4ADIAMgAuADEAMQAtADEANQAyADcAOAA0ADkAMAA3ADkAMwAyADIAMgA1ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2874 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4afc0635-d228-4726-92c9-75aab460c35d
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA4ADIAMgAuADEAMQAtADEANQAyADcAOAA0ADkAMAA3ADkAMwAyADIAMgA1ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2873 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4afc0635-d228-4726-92c9-75aab460c35d
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA4ADIAMgAuADEAMQAtADEANQAyADcAOAA0ADkAMAA3ADkAMwAyADIAMgA1ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2872 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cbce11c1-3635-4e73-9dee-21fd9dbe8b5c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQA0AEEARABJAEEATQBnAEEAdQBBAEQARQBBAE0AUQBBAHQAQQBEAEUAQQBOAFEAQQB5AEEARABjAEEATwBBAEEAMABBAEQAawBBAE0AQQBBADMAQQBEAGsAQQBNAHcAQQB5AEEARABJAEEATQBnAEEAMQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=092e6f32-3290-4e3b-9332-8299dca702d4
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2871 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cbce11c1-3635-4e73-9dee-21fd9dbe8b5c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQA0AEEARABJAEEATQBnAEEAdQBBAEQARQBBAE0AUQBBAHQAQQBEAEUAQQBOAFEAQQB5AEEARABjAEEATwBBAEEAMABBAEQAawBBAE0AQQBBADMAQQBEAGsAQQBNAHcAQQB5AEEARABJAEEATQBnAEEAMQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2870 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cbce11c1-3635-4e73-9dee-21fd9dbe8b5c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQA0AEEARABJAEEATQBnAEEAdQBBAEQARQBBAE0AUQBBAHQAQQBEAEUAQQBOAFEAQQB5AEEARABjAEEATwBBAEEAMABBAEQAawBBAE0AQQBBADMAQQBEAGsAQQBNAHcAQQB5AEEARABJAEEATQBnAEEAMQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2869 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cbce11c1-3635-4e73-9dee-21fd9dbe8b5c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQA0AEEARABJAEEATQBnAEEAdQBBAEQARQBBAE0AUQBBAHQAQQBEAEUAQQBOAFEAQQB5AEEARABjAEEATwBBAEEAMABBAEQAawBBAE0AQQBBADMAQQBEAGsAQQBNAHcAQQB5AEEARABJAEEATQBnAEEAMQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2868 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cbce11c1-3635-4e73-9dee-21fd9dbe8b5c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQA0AEEARABJAEEATQBnAEEAdQBBAEQARQBBAE0AUQBBAHQAQQBEAEUAQQBOAFEAQQB5AEEARABjAEEATwBBAEEAMABBAEQAawBBAE0AQQBBADMAQQBEAGsAQQBNAHcAQQB5AEEARABJAEEATQBnAEEAMQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2867 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cbce11c1-3635-4e73-9dee-21fd9dbe8b5c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQA0AEEARABJAEEATQBnAEEAdQBBAEQARQBBAE0AUQBBAHQAQQBEAEUAQQBOAFEAQQB5AEEARABjAEEATwBBAEEAMABBAEQAawBBAE0AQQBBADMAQQBEAGsAQQBNAHcAQQB5AEEARABJAEEATQBnAEEAMQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2866 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cbce11c1-3635-4e73-9dee-21fd9dbe8b5c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQA0AEEARABJAEEATQBnAEEAdQBBAEQARQBBAE0AUQBBAHQAQQBEAEUAQQBOAFEAQQB5AEEARABjAEEATwBBAEEAMABBAEQAawBBAE0AQQBBADMAQQBEAGsAQQBNAHcAQQB5AEEARABJAEEATQBnAEEAMQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2865 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1296d8c6-256d-4e10-8064-d228924d7d4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=85c4ec6d-e802-403b-831f-03a829f79b40
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2864 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7a862ec8-d974-4bb4-9ff3-7b1b07e7ee57
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=8a3f91a2-9ff5-4c2a-8ae7-1fa1658eb05b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2863 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7a862ec8-d974-4bb4-9ff3-7b1b07e7ee57
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2862 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7a862ec8-d974-4bb4-9ff3-7b1b07e7ee57
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2861 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7a862ec8-d974-4bb4-9ff3-7b1b07e7ee57
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2860 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7a862ec8-d974-4bb4-9ff3-7b1b07e7ee57
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2859 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7a862ec8-d974-4bb4-9ff3-7b1b07e7ee57
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2858 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7a862ec8-d974-4bb4-9ff3-7b1b07e7ee57
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2857 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7a862ec8-d974-4bb4-9ff3-7b1b07e7ee57
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2856 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7a862ec8-d974-4bb4-9ff3-7b1b07e7ee57
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2855 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1296d8c6-256d-4e10-8064-d228924d7d4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=85c4ec6d-e802-403b-831f-03a829f79b40
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2854 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1296d8c6-256d-4e10-8064-d228924d7d4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2853 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1296d8c6-256d-4e10-8064-d228924d7d4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2852 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1296d8c6-256d-4e10-8064-d228924d7d4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2851 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1296d8c6-256d-4e10-8064-d228924d7d4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2850 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1296d8c6-256d-4e10-8064-d228924d7d4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2849 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1296d8c6-256d-4e10-8064-d228924d7d4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2848 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22d4481b-13bb-4992-a98d-c9fbe54ff4a1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA4ADIAMgAuADEAMQAtADEANQAyADcAOAA0ADkAMAA3ADkAMwAyADIAMgA1AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=efca584d-5596-4ec4-8c88-ddf364a75936
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2847 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22d4481b-13bb-4992-a98d-c9fbe54ff4a1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA4ADIAMgAuADEAMQAtADEANQAyADcAOAA0ADkAMAA3ADkAMwAyADIAMgA1AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=efca584d-5596-4ec4-8c88-ddf364a75936
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2846 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22d4481b-13bb-4992-a98d-c9fbe54ff4a1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA4ADIAMgAuADEAMQAtADEANQAyADcAOAA0ADkAMAA3ADkAMwAyADIAMgA1AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2845 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22d4481b-13bb-4992-a98d-c9fbe54ff4a1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA4ADIAMgAuADEAMQAtADEANQAyADcAOAA0ADkAMAA3ADkAMwAyADIAMgA1AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2844 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22d4481b-13bb-4992-a98d-c9fbe54ff4a1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA4ADIAMgAuADEAMQAtADEANQAyADcAOAA0ADkAMAA3ADkAMwAyADIAMgA1AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2843 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22d4481b-13bb-4992-a98d-c9fbe54ff4a1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA4ADIAMgAuADEAMQAtADEANQAyADcAOAA0ADkAMAA3ADkAMwAyADIAMgA1AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2842 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22d4481b-13bb-4992-a98d-c9fbe54ff4a1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA4ADIAMgAuADEAMQAtADEANQAyADcAOAA0ADkAMAA3ADkAMwAyADIAMgA1AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2841 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22d4481b-13bb-4992-a98d-c9fbe54ff4a1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA4ADIAMgAuADEAMQAtADEANQAyADcAOAA0ADkAMAA3ADkAMwAyADIAMgA1AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2840 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ffdbb460-128b-4d7e-b534-8554af65d293
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGcAQQBNAGcAQQB5AEEAQwA0AEEATQBRAEEAeABBAEMAMABBAE0AUQBBADEAQQBEAEkAQQBOAHcAQQA0AEEARABRAEEATwBRAEEAdwBBAEQAYwBBAE8AUQBBAHoAQQBEAEkAQQBNAGcAQQB5AEEARABVAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=235b87d1-8bc8-409b-ae60-1be7b86bdd77
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2839 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7d79a2e-fdc9-4af3-a3d1-082b74c60e2e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADgAMgAyAC4AMQAxAC0AMQA1ADIANwA4ADQAOQAwADcAOQAzADIAMgAyADUAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=4ce49f07-a519-4ed3-b3fe-e1b0404a040d
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2838 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7d79a2e-fdc9-4af3-a3d1-082b74c60e2e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADgAMgAyAC4AMQAxAC0AMQA1ADIANwA4ADQAOQAwADcAOQAzADIAMgAyADUAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=4ce49f07-a519-4ed3-b3fe-e1b0404a040d
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2837 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7d79a2e-fdc9-4af3-a3d1-082b74c60e2e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADgAMgAyAC4AMQAxAC0AMQA1ADIANwA4ADQAOQAwADcAOQAzADIAMgAyADUAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2836 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7d79a2e-fdc9-4af3-a3d1-082b74c60e2e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADgAMgAyAC4AMQAxAC0AMQA1ADIANwA4ADQAOQAwADcAOQAzADIAMgAyADUAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2835 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7d79a2e-fdc9-4af3-a3d1-082b74c60e2e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADgAMgAyAC4AMQAxAC0AMQA1ADIANwA4ADQAOQAwADcAOQAzADIAMgAyADUAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2834 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7d79a2e-fdc9-4af3-a3d1-082b74c60e2e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADgAMgAyAC4AMQAxAC0AMQA1ADIANwA4ADQAOQAwADcAOQAzADIAMgAyADUAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2833 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7d79a2e-fdc9-4af3-a3d1-082b74c60e2e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADgAMgAyAC4AMQAxAC0AMQA1ADIANwA4ADQAOQAwADcAOQAzADIAMgAyADUAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2832 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7d79a2e-fdc9-4af3-a3d1-082b74c60e2e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADgAMgAyAC4AMQAxAC0AMQA1ADIANwA4ADQAOQAwADcAOQAzADIAMgAyADUAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2831 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ffdbb460-128b-4d7e-b534-8554af65d293
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGcAQQBNAGcAQQB5AEEAQwA0AEEATQBRAEEAeABBAEMAMABBAE0AUQBBADEAQQBEAEkAQQBOAHcAQQA0AEEARABRAEEATwBRAEEAdwBBAEQAYwBBAE8AUQBBAHoAQQBEAEkAQQBNAGcAQQB5AEEARABVAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=235b87d1-8bc8-409b-ae60-1be7b86bdd77
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2830 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ffdbb460-128b-4d7e-b534-8554af65d293
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGcAQQBNAGcAQQB5AEEAQwA0AEEATQBRAEEAeABBAEMAMABBAE0AUQBBADEAQQBEAEkAQQBOAHcAQQA0AEEARABRAEEATwBRAEEAdwBBAEQAYwBBAE8AUQBBAHoAQQBEAEkAQQBNAGcAQQB5AEEARABVAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2829 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ffdbb460-128b-4d7e-b534-8554af65d293
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGcAQQBNAGcAQQB5AEEAQwA0AEEATQBRAEEAeABBAEMAMABBAE0AUQBBADEAQQBEAEkAQQBOAHcAQQA0AEEARABRAEEATwBRAEEAdwBBAEQAYwBBAE8AUQBBAHoAQQBEAEkAQQBNAGcAQQB5AEEARABVAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2828 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ffdbb460-128b-4d7e-b534-8554af65d293
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGcAQQBNAGcAQQB5AEEAQwA0AEEATQBRAEEAeABBAEMAMABBAE0AUQBBADEAQQBEAEkAQQBOAHcAQQA0AEEARABRAEEATwBRAEEAdwBBAEQAYwBBAE8AUQBBAHoAQQBEAEkAQQBNAGcAQQB5AEEARABVAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2827 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ffdbb460-128b-4d7e-b534-8554af65d293
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGcAQQBNAGcAQQB5AEEAQwA0AEEATQBRAEEAeABBAEMAMABBAE0AUQBBADEAQQBEAEkAQQBOAHcAQQA0AEEARABRAEEATwBRAEEAdwBBAEQAYwBBAE8AUQBBAHoAQQBEAEkAQQBNAGcAQQB5AEEARABVAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2826 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ffdbb460-128b-4d7e-b534-8554af65d293
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGcAQQBNAGcAQQB5AEEAQwA0AEEATQBRAEEAeABBAEMAMABBAE0AUQBBADEAQQBEAEkAQQBOAHcAQQA0AEEARABRAEEATwBRAEEAdwBBAEQAYwBBAE8AUQBBAHoAQQBEAEkAQQBNAGcAQQB5AEEARABVAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2825 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ffdbb460-128b-4d7e-b534-8554af65d293
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGcAQQBNAGcAQQB5AEEAQwA0AEEATQBRAEEAeABBAEMAMABBAE0AUQBBADEAQQBEAEkAQQBOAHcAQQA0AEEARABRAEEATwBRAEEAdwBBAEQAYwBBAE8AUQBBAHoAQQBEAEkAQQBNAGcAQQB5AEEARABVAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2824 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22c8e998-c447-4301-8f4e-f65a368222f6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=e40cfa48-8a2c-4fa0-8cef-c4615396def7
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2823 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f1e3dbd6-dbaa-40ef-9304-a4858a99b25e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=6bca7b4b-dbf7-4ca2-ae88-02452073a68e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2822 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f1e3dbd6-dbaa-40ef-9304-a4858a99b25e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2821 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f1e3dbd6-dbaa-40ef-9304-a4858a99b25e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2820 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f1e3dbd6-dbaa-40ef-9304-a4858a99b25e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2819 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f1e3dbd6-dbaa-40ef-9304-a4858a99b25e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2818 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f1e3dbd6-dbaa-40ef-9304-a4858a99b25e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2817 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f1e3dbd6-dbaa-40ef-9304-a4858a99b25e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2816 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f1e3dbd6-dbaa-40ef-9304-a4858a99b25e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2815 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f1e3dbd6-dbaa-40ef-9304-a4858a99b25e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2814 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22c8e998-c447-4301-8f4e-f65a368222f6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=e40cfa48-8a2c-4fa0-8cef-c4615396def7
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2813 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22c8e998-c447-4301-8f4e-f65a368222f6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2812 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22c8e998-c447-4301-8f4e-f65a368222f6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2811 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22c8e998-c447-4301-8f4e-f65a368222f6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2810 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22c8e998-c447-4301-8f4e-f65a368222f6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2809 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22c8e998-c447-4301-8f4e-f65a368222f6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2808 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22c8e998-c447-4301-8f4e-f65a368222f6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2807 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e5f2726c-a17f-4921-8748-08049676eb61
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ae4df476-95e1-455a-acc3-28357906f438
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2806 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d4d0741e-8290-49c2-aa0a-4b8877e2b9fe
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG8AcwAtAHcAaQBuAA==
EngineVersion=5.1.14393.1944
RunspaceId=82895955-b5eb-49f5-9c7b-22e8b7158b75
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2805 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d4d0741e-8290-49c2-aa0a-4b8877e2b9fe
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG8AcwAtAHcAaQBuAA==
EngineVersion=5.1.14393.1944
RunspaceId=82895955-b5eb-49f5-9c7b-22e8b7158b75
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2804 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d4d0741e-8290-49c2-aa0a-4b8877e2b9fe
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG8AcwAtAHcAaQBuAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2803 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d4d0741e-8290-49c2-aa0a-4b8877e2b9fe
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG8AcwAtAHcAaQBuAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2802 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d4d0741e-8290-49c2-aa0a-4b8877e2b9fe
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG8AcwAtAHcAaQBuAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2801 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d4d0741e-8290-49c2-aa0a-4b8877e2b9fe
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG8AcwAtAHcAaQBuAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2800 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d4d0741e-8290-49c2-aa0a-4b8877e2b9fe
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG8AcwAtAHcAaQBuAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2799 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d4d0741e-8290-49c2-aa0a-4b8877e2b9fe
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG8AcwAtAHcAaQBuAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2798 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e026b8a2-75fa-431c-b9d7-d248cd87a2bb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=4f9528cc-6e2c-4eb2-a8e5-797603201250
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 2797 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e026b8a2-75fa-431c-b9d7-d248cd87a2bb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=4f9528cc-6e2c-4eb2-a8e5-797603201250
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2796 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e026b8a2-75fa-431c-b9d7-d248cd87a2bb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2795 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e026b8a2-75fa-431c-b9d7-d248cd87a2bb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2794 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e026b8a2-75fa-431c-b9d7-d248cd87a2bb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2793 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e026b8a2-75fa-431c-b9d7-d248cd87a2bb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2792 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e026b8a2-75fa-431c-b9d7-d248cd87a2bb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2791 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e026b8a2-75fa-431c-b9d7-d248cd87a2bb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2790 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e026b8a2-75fa-431c-b9d7-d248cd87a2bb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2789 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e026b8a2-75fa-431c-b9d7-d248cd87a2bb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2788 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e5f2726c-a17f-4921-8748-08049676eb61
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ae4df476-95e1-455a-acc3-28357906f438
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2787 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e5f2726c-a17f-4921-8748-08049676eb61
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2786 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e5f2726c-a17f-4921-8748-08049676eb61
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2785 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e5f2726c-a17f-4921-8748-08049676eb61
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2784 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e5f2726c-a17f-4921-8748-08049676eb61
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2783 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e5f2726c-a17f-4921-8748-08049676eb61
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2782 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e5f2726c-a17f-4921-8748-08049676eb61
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2781 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bac3ac7e-f1ac-43e7-82b3-49ee5f1e3bc6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=a87cee43-28b3-4702-a529-309e11878b5a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2780 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=afe49531-0cba-44b0-9d0e-1cb09bc57716
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b9467f06-9c18-48fc-8fa1-b082da86484a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2779 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=afe49531-0cba-44b0-9d0e-1cb09bc57716
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2778 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=afe49531-0cba-44b0-9d0e-1cb09bc57716
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2777 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=afe49531-0cba-44b0-9d0e-1cb09bc57716
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2776 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=afe49531-0cba-44b0-9d0e-1cb09bc57716
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2775 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=afe49531-0cba-44b0-9d0e-1cb09bc57716
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2774 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=afe49531-0cba-44b0-9d0e-1cb09bc57716
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2773 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=afe49531-0cba-44b0-9d0e-1cb09bc57716
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2772 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=afe49531-0cba-44b0-9d0e-1cb09bc57716
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2771 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bac3ac7e-f1ac-43e7-82b3-49ee5f1e3bc6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=a87cee43-28b3-4702-a529-309e11878b5a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2770 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bac3ac7e-f1ac-43e7-82b3-49ee5f1e3bc6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2769 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bac3ac7e-f1ac-43e7-82b3-49ee5f1e3bc6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2768 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bac3ac7e-f1ac-43e7-82b3-49ee5f1e3bc6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2767 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bac3ac7e-f1ac-43e7-82b3-49ee5f1e3bc6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2766 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bac3ac7e-f1ac-43e7-82b3-49ee5f1e3bc6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2765 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bac3ac7e-f1ac-43e7-82b3-49ee5f1e3bc6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2764 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9528a822-757d-4374-bd53-4bf855ea8ccb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=df9782d9-d035-4821-bab0-8f05e82b432f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2763 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c726e7c7-3e20-4430-951f-14967f1c3bc4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABvAHMALQB3AGkAbgBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=5.1.14393.1944
RunspaceId=c6e13e50-c805-4993-bf54-130df05de5e2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2762 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c726e7c7-3e20-4430-951f-14967f1c3bc4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABvAHMALQB3AGkAbgBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=5.1.14393.1944
RunspaceId=c6e13e50-c805-4993-bf54-130df05de5e2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2761 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c726e7c7-3e20-4430-951f-14967f1c3bc4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABvAHMALQB3AGkAbgBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2760 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c726e7c7-3e20-4430-951f-14967f1c3bc4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABvAHMALQB3AGkAbgBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2759 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c726e7c7-3e20-4430-951f-14967f1c3bc4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABvAHMALQB3AGkAbgBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2758 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c726e7c7-3e20-4430-951f-14967f1c3bc4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABvAHMALQB3AGkAbgBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2757 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c726e7c7-3e20-4430-951f-14967f1c3bc4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABvAHMALQB3AGkAbgBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2756 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c726e7c7-3e20-4430-951f-14967f1c3bc4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABvAHMALQB3AGkAbgBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2755 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca4646d9-1b8a-4660-89ab-a29ed180a934
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0bfc177e-76e3-4af1-bfd7-0a4a73052c6a
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 2754 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca4646d9-1b8a-4660-89ab-a29ed180a934
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0bfc177e-76e3-4af1-bfd7-0a4a73052c6a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2753 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca4646d9-1b8a-4660-89ab-a29ed180a934
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2752 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca4646d9-1b8a-4660-89ab-a29ed180a934
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2751 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca4646d9-1b8a-4660-89ab-a29ed180a934
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2750 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca4646d9-1b8a-4660-89ab-a29ed180a934
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2749 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca4646d9-1b8a-4660-89ab-a29ed180a934
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2748 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca4646d9-1b8a-4660-89ab-a29ed180a934
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2747 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca4646d9-1b8a-4660-89ab-a29ed180a934
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2746 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca4646d9-1b8a-4660-89ab-a29ed180a934
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2745 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9528a822-757d-4374-bd53-4bf855ea8ccb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=df9782d9-d035-4821-bab0-8f05e82b432f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2744 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9528a822-757d-4374-bd53-4bf855ea8ccb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2743 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9528a822-757d-4374-bd53-4bf855ea8ccb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2742 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9528a822-757d-4374-bd53-4bf855ea8ccb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2741 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9528a822-757d-4374-bd53-4bf855ea8ccb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2740 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9528a822-757d-4374-bd53-4bf855ea8ccb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2739 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9528a822-757d-4374-bd53-4bf855ea8ccb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2738 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2c9f97b2-3282-4c84-aeb5-2bc63a07055b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAzAEEARABrAEEATgBnAEEAdQBBAEQATQBBAE8AQQBBAHQAQQBEAEUAQQBOAFEAQQB5AEEARABjAEEATQBBAEEAMwBBAEQAQQBBAE0AZwBBADMAQQBEAFEAQQBNAFEAQQB4AEEARABFAEEATgB3AEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=5.1.14393.1944
RunspaceId=d30cab6f-d7e6-4f8c-89ad-5581ca08b571
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2737 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a709c0fe-527a-43ee-a0bf-367038f7eccf
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADkANgAuADMAOAAtADEANQAyADcAMAA3ADAAMgA3ADQAMQAxADEANwAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=09919315-d6db-4287-8fcf-1f0da141b013
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2736 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a709c0fe-527a-43ee-a0bf-367038f7eccf
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADkANgAuADMAOAAtADEANQAyADcAMAA3ADAAMgA3ADQAMQAxADEANwAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=09919315-d6db-4287-8fcf-1f0da141b013
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2735 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a709c0fe-527a-43ee-a0bf-367038f7eccf
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADkANgAuADMAOAAtADEANQAyADcAMAA3ADAAMgA3ADQAMQAxADEANwAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2734 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a709c0fe-527a-43ee-a0bf-367038f7eccf
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADkANgAuADMAOAAtADEANQAyADcAMAA3ADAAMgA3ADQAMQAxADEANwAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2733 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a709c0fe-527a-43ee-a0bf-367038f7eccf
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADkANgAuADMAOAAtADEANQAyADcAMAA3ADAAMgA3ADQAMQAxADEANwAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2732 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a709c0fe-527a-43ee-a0bf-367038f7eccf
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADkANgAuADMAOAAtADEANQAyADcAMAA3ADAAMgA3ADQAMQAxADEANwAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2731 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a709c0fe-527a-43ee-a0bf-367038f7eccf
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADkANgAuADMAOAAtADEANQAyADcAMAA3ADAAMgA3ADQAMQAxADEANwAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2730 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a709c0fe-527a-43ee-a0bf-367038f7eccf
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADkANgAuADMAOAAtADEANQAyADcAMAA3ADAAMgA3ADQAMQAxADEANwAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2729 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2c9f97b2-3282-4c84-aeb5-2bc63a07055b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAzAEEARABrAEEATgBnAEEAdQBBAEQATQBBAE8AQQBBAHQAQQBEAEUAQQBOAFEAQQB5AEEARABjAEEATQBBAEEAMwBBAEQAQQBBAE0AZwBBADMAQQBEAFEAQQBNAFEAQQB4AEEARABFAEEATgB3AEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=5.1.14393.1944
RunspaceId=d30cab6f-d7e6-4f8c-89ad-5581ca08b571
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2728 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2c9f97b2-3282-4c84-aeb5-2bc63a07055b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAzAEEARABrAEEATgBnAEEAdQBBAEQATQBBAE8AQQBBAHQAQQBEAEUAQQBOAFEAQQB5AEEARABjAEEATQBBAEEAMwBBAEQAQQBBAE0AZwBBADMAQQBEAFEAQQBNAFEAQQB4AEEARABFAEEATgB3AEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2727 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2c9f97b2-3282-4c84-aeb5-2bc63a07055b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAzAEEARABrAEEATgBnAEEAdQBBAEQATQBBAE8AQQBBAHQAQQBEAEUAQQBOAFEAQQB5AEEARABjAEEATQBBAEEAMwBBAEQAQQBBAE0AZwBBADMAQQBEAFEAQQBNAFEAQQB4AEEARABFAEEATgB3AEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2726 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2c9f97b2-3282-4c84-aeb5-2bc63a07055b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAzAEEARABrAEEATgBnAEEAdQBBAEQATQBBAE8AQQBBAHQAQQBEAEUAQQBOAFEAQQB5AEEARABjAEEATQBBAEEAMwBBAEQAQQBBAE0AZwBBADMAQQBEAFEAQQBNAFEAQQB4AEEARABFAEEATgB3AEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2725 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2c9f97b2-3282-4c84-aeb5-2bc63a07055b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAzAEEARABrAEEATgBnAEEAdQBBAEQATQBBAE8AQQBBAHQAQQBEAEUAQQBOAFEAQQB5AEEARABjAEEATQBBAEEAMwBBAEQAQQBBAE0AZwBBADMAQQBEAFEAQQBNAFEAQQB4AEEARABFAEEATgB3AEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2724 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2c9f97b2-3282-4c84-aeb5-2bc63a07055b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAzAEEARABrAEEATgBnAEEAdQBBAEQATQBBAE8AQQBBAHQAQQBEAEUAQQBOAFEAQQB5AEEARABjAEEATQBBAEEAMwBBAEQAQQBBAE0AZwBBADMAQQBEAFEAQQBNAFEAQQB4AEEARABFAEEATgB3AEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2723 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2c9f97b2-3282-4c84-aeb5-2bc63a07055b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAzAEEARABrAEEATgBnAEEAdQBBAEQATQBBAE8AQQBBAHQAQQBEAEUAQQBOAFEAQQB5AEEARABjAEEATQBBAEEAMwBBAEQAQQBBAE0AZwBBADMAQQBEAFEAQQBNAFEAQQB4AEEARABFAEEATgB3AEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2722 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=219e5574-22dc-4d15-9713-f80a49f6cf53
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=320fe6b3-03fa-4682-84d7-4554710b4f1e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2721 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=45ae06ea-fcda-49de-a550-94f682935a08
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=306161ba-b41e-4bb7-9bf5-fbefcf4e0d33
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2720 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=45ae06ea-fcda-49de-a550-94f682935a08
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2719 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=45ae06ea-fcda-49de-a550-94f682935a08
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2718 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=45ae06ea-fcda-49de-a550-94f682935a08
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2717 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=45ae06ea-fcda-49de-a550-94f682935a08
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2716 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=45ae06ea-fcda-49de-a550-94f682935a08
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2715 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=45ae06ea-fcda-49de-a550-94f682935a08
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2714 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=45ae06ea-fcda-49de-a550-94f682935a08
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2713 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=45ae06ea-fcda-49de-a550-94f682935a08
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2712 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=219e5574-22dc-4d15-9713-f80a49f6cf53
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=320fe6b3-03fa-4682-84d7-4554710b4f1e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2711 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=219e5574-22dc-4d15-9713-f80a49f6cf53
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2710 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=219e5574-22dc-4d15-9713-f80a49f6cf53
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2709 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=219e5574-22dc-4d15-9713-f80a49f6cf53
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2708 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=219e5574-22dc-4d15-9713-f80a49f6cf53
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2707 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=219e5574-22dc-4d15-9713-f80a49f6cf53
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2706 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=219e5574-22dc-4d15-9713-f80a49f6cf53
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2705 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d922ead-57f4-4a35-a347-4d9d6eed1fef
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADkANgAuADMAOAAtADEANQAyADcAMAA3ADAAMgA3ADQAMQAxADEANwBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=5.1.14393.1944
RunspaceId=5d4c4c7a-90e7-4b1e-bf8b-751acae4bc31
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2704 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d922ead-57f4-4a35-a347-4d9d6eed1fef
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADkANgAuADMAOAAtADEANQAyADcAMAA3ADAAMgA3ADQAMQAxADEANwBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=5.1.14393.1944
RunspaceId=5d4c4c7a-90e7-4b1e-bf8b-751acae4bc31
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2703 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d922ead-57f4-4a35-a347-4d9d6eed1fef
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADkANgAuADMAOAAtADEANQAyADcAMAA3ADAAMgA3ADQAMQAxADEANwBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2702 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d922ead-57f4-4a35-a347-4d9d6eed1fef
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADkANgAuADMAOAAtADEANQAyADcAMAA3ADAAMgA3ADQAMQAxADEANwBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2701 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d922ead-57f4-4a35-a347-4d9d6eed1fef
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADkANgAuADMAOAAtADEANQAyADcAMAA3ADAAMgA3ADQAMQAxADEANwBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2700 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d922ead-57f4-4a35-a347-4d9d6eed1fef
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADkANgAuADMAOAAtADEANQAyADcAMAA3ADAAMgA3ADQAMQAxADEANwBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2699 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d922ead-57f4-4a35-a347-4d9d6eed1fef
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADkANgAuADMAOAAtADEANQAyADcAMAA3ADAAMgA3ADQAMQAxADEANwBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2698 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d922ead-57f4-4a35-a347-4d9d6eed1fef
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADkANgAuADMAOAAtADEANQAyADcAMAA3ADAAMgA3ADQAMQAxADEANwBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2697 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e908e583-eabc-4d32-9d07-4d1e6c0d8a50
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGMAQQBPAFEAQQAyAEEAQwA0AEEATQB3AEEANABBAEMAMABBAE0AUQBBADEAQQBEAEkAQQBOAHcAQQB3AEEARABjAEEATQBBAEEAeQBBAEQAYwBBAE4AQQBBAHgAQQBEAEUAQQBNAFEAQQAzAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=5.1.14393.1944
RunspaceId=a8321610-8c61-44a4-b172-19c608659008
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2696 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=59f6a87f-a07d-4c8c-83b3-db09949f6df3
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADcAOQA2AC4AMwA4AC0AMQA1ADIANwAwADcAMAAyADcANAAxADEAMQA3ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=b2d96e07-7b7d-432e-9552-9e3d3da59029
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2695 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=59f6a87f-a07d-4c8c-83b3-db09949f6df3
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADcAOQA2AC4AMwA4AC0AMQA1ADIANwAwADcAMAAyADcANAAxADEAMQA3ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=b2d96e07-7b7d-432e-9552-9e3d3da59029
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2694 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=59f6a87f-a07d-4c8c-83b3-db09949f6df3
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADcAOQA2AC4AMwA4AC0AMQA1ADIANwAwADcAMAAyADcANAAxADEAMQA3ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2693 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=59f6a87f-a07d-4c8c-83b3-db09949f6df3
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADcAOQA2AC4AMwA4AC0AMQA1ADIANwAwADcAMAAyADcANAAxADEAMQA3ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2692 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=59f6a87f-a07d-4c8c-83b3-db09949f6df3
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADcAOQA2AC4AMwA4AC0AMQA1ADIANwAwADcAMAAyADcANAAxADEAMQA3ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2691 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=59f6a87f-a07d-4c8c-83b3-db09949f6df3
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADcAOQA2AC4AMwA4AC0AMQA1ADIANwAwADcAMAAyADcANAAxADEAMQA3ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2690 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=59f6a87f-a07d-4c8c-83b3-db09949f6df3
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADcAOQA2AC4AMwA4AC0AMQA1ADIANwAwADcAMAAyADcANAAxADEAMQA3ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2689 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=59f6a87f-a07d-4c8c-83b3-db09949f6df3
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADcAOQA2AC4AMwA4AC0AMQA1ADIANwAwADcAMAAyADcANAAxADEAMQA3ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2688 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e908e583-eabc-4d32-9d07-4d1e6c0d8a50
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGMAQQBPAFEAQQAyAEEAQwA0AEEATQB3AEEANABBAEMAMABBAE0AUQBBADEAQQBEAEkAQQBOAHcAQQB3AEEARABjAEEATQBBAEEAeQBBAEQAYwBBAE4AQQBBAHgAQQBEAEUAQQBNAFEAQQAzAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=5.1.14393.1944
RunspaceId=a8321610-8c61-44a4-b172-19c608659008
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2687 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e908e583-eabc-4d32-9d07-4d1e6c0d8a50
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGMAQQBPAFEAQQAyAEEAQwA0AEEATQB3AEEANABBAEMAMABBAE0AUQBBADEAQQBEAEkAQQBOAHcAQQB3AEEARABjAEEATQBBAEEAeQBBAEQAYwBBAE4AQQBBAHgAQQBEAEUAQQBNAFEAQQAzAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2686 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e908e583-eabc-4d32-9d07-4d1e6c0d8a50
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGMAQQBPAFEAQQAyAEEAQwA0AEEATQB3AEEANABBAEMAMABBAE0AUQBBADEAQQBEAEkAQQBOAHcAQQB3AEEARABjAEEATQBBAEEAeQBBAEQAYwBBAE4AQQBBAHgAQQBEAEUAQQBNAFEAQQAzAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2685 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e908e583-eabc-4d32-9d07-4d1e6c0d8a50
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGMAQQBPAFEAQQAyAEEAQwA0AEEATQB3AEEANABBAEMAMABBAE0AUQBBADEAQQBEAEkAQQBOAHcAQQB3AEEARABjAEEATQBBAEEAeQBBAEQAYwBBAE4AQQBBAHgAQQBEAEUAQQBNAFEAQQAzAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2684 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e908e583-eabc-4d32-9d07-4d1e6c0d8a50
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGMAQQBPAFEAQQAyAEEAQwA0AEEATQB3AEEANABBAEMAMABBAE0AUQBBADEAQQBEAEkAQQBOAHcAQQB3AEEARABjAEEATQBBAEEAeQBBAEQAYwBBAE4AQQBBAHgAQQBEAEUAQQBNAFEAQQAzAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2683 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e908e583-eabc-4d32-9d07-4d1e6c0d8a50
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGMAQQBPAFEAQQAyAEEAQwA0AEEATQB3AEEANABBAEMAMABBAE0AUQBBADEAQQBEAEkAQQBOAHcAQQB3AEEARABjAEEATQBBAEEAeQBBAEQAYwBBAE4AQQBBAHgAQQBEAEUAQQBNAFEAQQAzAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2682 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e908e583-eabc-4d32-9d07-4d1e6c0d8a50
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGMAQQBPAFEAQQAyAEEAQwA0AEEATQB3AEEANABBAEMAMABBAE0AUQBBADEAQQBEAEkAQQBOAHcAQQB3AEEARABjAEEATQBBAEEAeQBBAEQAYwBBAE4AQQBBAHgAQQBEAEUAQQBNAFEAQQAzAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2681 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=53c587ba-ec0d-46e9-a1ff-3c1197316352
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=68e86e4d-7611-4e48-9274-0f013e9e7734
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2680 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ab6ccc8b-1f2d-4340-9d65-a7b5a63138a0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=727a8134-cdb4-431a-b5b2-2b5d1e5bfc27
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2679 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ab6ccc8b-1f2d-4340-9d65-a7b5a63138a0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2678 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ab6ccc8b-1f2d-4340-9d65-a7b5a63138a0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2677 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ab6ccc8b-1f2d-4340-9d65-a7b5a63138a0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2676 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ab6ccc8b-1f2d-4340-9d65-a7b5a63138a0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2675 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ab6ccc8b-1f2d-4340-9d65-a7b5a63138a0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2674 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ab6ccc8b-1f2d-4340-9d65-a7b5a63138a0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2673 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ab6ccc8b-1f2d-4340-9d65-a7b5a63138a0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2672 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ab6ccc8b-1f2d-4340-9d65-a7b5a63138a0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2671 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=53c587ba-ec0d-46e9-a1ff-3c1197316352
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=68e86e4d-7611-4e48-9274-0f013e9e7734
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2670 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=53c587ba-ec0d-46e9-a1ff-3c1197316352
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2669 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=53c587ba-ec0d-46e9-a1ff-3c1197316352
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2668 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=53c587ba-ec0d-46e9-a1ff-3c1197316352
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2667 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=53c587ba-ec0d-46e9-a1ff-3c1197316352
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2666 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=53c587ba-ec0d-46e9-a1ff-3c1197316352
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2665 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=53c587ba-ec0d-46e9-a1ff-3c1197316352
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2664 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=635b5ede-dd2f-49ce-aa9e-06ff6ea387d3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f2316859-c6a0-4e9b-adf0-3ff38478c683
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2663 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=037b8806-d5bd-4ae4-99ae-99f33b85139d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AZQB1AHQAcgBvAG4A
EngineVersion=5.1.14393.1944
RunspaceId=3e5c08c6-a42e-4505-8a11-ae814be6d016
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2662 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:03:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=037b8806-d5bd-4ae4-99ae-99f33b85139d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AZQB1AHQAcgBvAG4A
EngineVersion=5.1.14393.1944
RunspaceId=3e5c08c6-a42e-4505-8a11-ae814be6d016
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2661 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=037b8806-d5bd-4ae4-99ae-99f33b85139d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AZQB1AHQAcgBvAG4A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2660 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=037b8806-d5bd-4ae4-99ae-99f33b85139d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AZQB1AHQAcgBvAG4A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2659 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=037b8806-d5bd-4ae4-99ae-99f33b85139d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AZQB1AHQAcgBvAG4A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2658 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=037b8806-d5bd-4ae4-99ae-99f33b85139d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AZQB1AHQAcgBvAG4A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2657 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=037b8806-d5bd-4ae4-99ae-99f33b85139d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AZQB1AHQAcgBvAG4A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2656 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=037b8806-d5bd-4ae4-99ae-99f33b85139d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AZQB1AHQAcgBvAG4A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2655 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b0607ac1-66e5-4c3d-aebc-5e1f0df722f5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d2f46b16-ac0b-4f52-bc54-761b41096ac7
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 2654 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b0607ac1-66e5-4c3d-aebc-5e1f0df722f5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d2f46b16-ac0b-4f52-bc54-761b41096ac7
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2653 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b0607ac1-66e5-4c3d-aebc-5e1f0df722f5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2652 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b0607ac1-66e5-4c3d-aebc-5e1f0df722f5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2651 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b0607ac1-66e5-4c3d-aebc-5e1f0df722f5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2650 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b0607ac1-66e5-4c3d-aebc-5e1f0df722f5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2649 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b0607ac1-66e5-4c3d-aebc-5e1f0df722f5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2648 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b0607ac1-66e5-4c3d-aebc-5e1f0df722f5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2647 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b0607ac1-66e5-4c3d-aebc-5e1f0df722f5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2646 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b0607ac1-66e5-4c3d-aebc-5e1f0df722f5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2645 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=635b5ede-dd2f-49ce-aa9e-06ff6ea387d3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f2316859-c6a0-4e9b-adf0-3ff38478c683
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2644 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=635b5ede-dd2f-49ce-aa9e-06ff6ea387d3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2643 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=635b5ede-dd2f-49ce-aa9e-06ff6ea387d3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2642 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=635b5ede-dd2f-49ce-aa9e-06ff6ea387d3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2641 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=635b5ede-dd2f-49ce-aa9e-06ff6ea387d3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2640 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=635b5ede-dd2f-49ce-aa9e-06ff6ea387d3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2639 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=635b5ede-dd2f-49ce-aa9e-06ff6ea387d3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2638 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5ea569ba-f05e-41c4-bdca-9cc1ad044ba3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=5011f416-eae1-4953-9027-0e8e8160068e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2637 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f697c9ca-3c5e-4a70-9d9e-2ebd7b3c7a85
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=242d4767-f6b0-4298-aa91-d5f9c3fbe280
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2636 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f697c9ca-3c5e-4a70-9d9e-2ebd7b3c7a85
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2635 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f697c9ca-3c5e-4a70-9d9e-2ebd7b3c7a85
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2634 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f697c9ca-3c5e-4a70-9d9e-2ebd7b3c7a85
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2633 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f697c9ca-3c5e-4a70-9d9e-2ebd7b3c7a85
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2632 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f697c9ca-3c5e-4a70-9d9e-2ebd7b3c7a85
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2631 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f697c9ca-3c5e-4a70-9d9e-2ebd7b3c7a85
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2630 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f697c9ca-3c5e-4a70-9d9e-2ebd7b3c7a85
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2629 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f697c9ca-3c5e-4a70-9d9e-2ebd7b3c7a85
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2628 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5ea569ba-f05e-41c4-bdca-9cc1ad044ba3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=5011f416-eae1-4953-9027-0e8e8160068e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2627 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5ea569ba-f05e-41c4-bdca-9cc1ad044ba3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2626 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5ea569ba-f05e-41c4-bdca-9cc1ad044ba3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2625 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5ea569ba-f05e-41c4-bdca-9cc1ad044ba3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2624 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5ea569ba-f05e-41c4-bdca-9cc1ad044ba3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2623 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5ea569ba-f05e-41c4-bdca-9cc1ad044ba3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2622 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5ea569ba-f05e-41c4-bdca-9cc1ad044ba3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2621 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=50947b8a-545d-4c13-990c-e68296f37d40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=41cc9e1c-c0c4-4881-b0fe-1274325c2622
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2620 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35559f69-020c-409d-889b-b0db75822df4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAGUAdQB0AHIAbwBuAFwAXABzAGUAdAB1AHAALgBjAGYAZwAgAC0AcABhAHQAdABlAHIAbgAgACIAXgBuAGEAbQBlAC4AKgA9AC4AKgAiACAAfAAgACUAIAB7ACQAXwAuAG0AYQB0AGMAaABlAHMALgB2AGEAbAB1AGUALgBzAHAAbABpAHQAKAAiAD0AIgApAFsAMQBdAC4AdAByAGkAbQAoACkAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=2d071dd2-27dd-4177-8c77-b3da46cca3e9
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2619 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35559f69-020c-409d-889b-b0db75822df4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAGUAdQB0AHIAbwBuAFwAXABzAGUAdAB1AHAALgBjAGYAZwAgAC0AcABhAHQAdABlAHIAbgAgACIAXgBuAGEAbQBlAC4AKgA9AC4AKgAiACAAfAAgACUAIAB7ACQAXwAuAG0AYQB0AGMAaABlAHMALgB2AGEAbAB1AGUALgBzAHAAbABpAHQAKAAiAD0AIgApAFsAMQBdAC4AdAByAGkAbQAoACkAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=2d071dd2-27dd-4177-8c77-b3da46cca3e9
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2618 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35559f69-020c-409d-889b-b0db75822df4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAGUAdQB0AHIAbwBuAFwAXABzAGUAdAB1AHAALgBjAGYAZwAgAC0AcABhAHQAdABlAHIAbgAgACIAXgBuAGEAbQBlAC4AKgA9AC4AKgAiACAAfAAgACUAIAB7ACQAXwAuAG0AYQB0AGMAaABlAHMALgB2AGEAbAB1AGUALgBzAHAAbABpAHQAKAAiAD0AIgApAFsAMQBdAC4AdAByAGkAbQAoACkAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2617 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35559f69-020c-409d-889b-b0db75822df4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAGUAdQB0AHIAbwBuAFwAXABzAGUAdAB1AHAALgBjAGYAZwAgAC0AcABhAHQAdABlAHIAbgAgACIAXgBuAGEAbQBlAC4AKgA9AC4AKgAiACAAfAAgACUAIAB7ACQAXwAuAG0AYQB0AGMAaABlAHMALgB2AGEAbAB1AGUALgBzAHAAbABpAHQAKAAiAD0AIgApAFsAMQBdAC4AdAByAGkAbQAoACkAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2616 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35559f69-020c-409d-889b-b0db75822df4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAGUAdQB0AHIAbwBuAFwAXABzAGUAdAB1AHAALgBjAGYAZwAgAC0AcABhAHQAdABlAHIAbgAgACIAXgBuAGEAbQBlAC4AKgA9AC4AKgAiACAAfAAgACUAIAB7ACQAXwAuAG0AYQB0AGMAaABlAHMALgB2AGEAbAB1AGUALgBzAHAAbABpAHQAKAAiAD0AIgApAFsAMQBdAC4AdAByAGkAbQAoACkAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2615 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35559f69-020c-409d-889b-b0db75822df4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAGUAdQB0AHIAbwBuAFwAXABzAGUAdAB1AHAALgBjAGYAZwAgAC0AcABhAHQAdABlAHIAbgAgACIAXgBuAGEAbQBlAC4AKgA9AC4AKgAiACAAfAAgACUAIAB7ACQAXwAuAG0AYQB0AGMAaABlAHMALgB2AGEAbAB1AGUALgBzAHAAbABpAHQAKAAiAD0AIgApAFsAMQBdAC4AdAByAGkAbQAoACkAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2614 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35559f69-020c-409d-889b-b0db75822df4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAGUAdQB0AHIAbwBuAFwAXABzAGUAdAB1AHAALgBjAGYAZwAgAC0AcABhAHQAdABlAHIAbgAgACIAXgBuAGEAbQBlAC4AKgA9AC4AKgAiACAAfAAgACUAIAB7ACQAXwAuAG0AYQB0AGMAaABlAHMALgB2AGEAbAB1AGUALgBzAHAAbABpAHQAKAAiAD0AIgApAFsAMQBdAC4AdAByAGkAbQAoACkAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2613 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35559f69-020c-409d-889b-b0db75822df4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAGUAdQB0AHIAbwBuAFwAXABzAGUAdAB1AHAALgBjAGYAZwAgAC0AcABhAHQAdABlAHIAbgAgACIAXgBuAGEAbQBlAC4AKgA9AC4AKgAiACAAfAAgACUAIAB7ACQAXwAuAG0AYQB0AGMAaABlAHMALgB2AGEAbAB1AGUALgBzAHAAbABpAHQAKAAiAD0AIgApAFsAMQBdAC4AdAByAGkAbQAoACkAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2612 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9879e3b-3246-4fa9-81e1-70f5daf0d0d7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=2b104101-6ff6-4fa1-b648-66da53dee996
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 2611 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9879e3b-3246-4fa9-81e1-70f5daf0d0d7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=2b104101-6ff6-4fa1-b648-66da53dee996
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2610 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9879e3b-3246-4fa9-81e1-70f5daf0d0d7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2609 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9879e3b-3246-4fa9-81e1-70f5daf0d0d7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2608 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9879e3b-3246-4fa9-81e1-70f5daf0d0d7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2607 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9879e3b-3246-4fa9-81e1-70f5daf0d0d7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2606 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9879e3b-3246-4fa9-81e1-70f5daf0d0d7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2605 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9879e3b-3246-4fa9-81e1-70f5daf0d0d7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2604 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9879e3b-3246-4fa9-81e1-70f5daf0d0d7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2603 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9879e3b-3246-4fa9-81e1-70f5daf0d0d7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2602 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=50947b8a-545d-4c13-990c-e68296f37d40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=41cc9e1c-c0c4-4881-b0fe-1274325c2622
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2601 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=50947b8a-545d-4c13-990c-e68296f37d40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2600 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=50947b8a-545d-4c13-990c-e68296f37d40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2599 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=50947b8a-545d-4c13-990c-e68296f37d40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2598 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=50947b8a-545d-4c13-990c-e68296f37d40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2597 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=50947b8a-545d-4c13-990c-e68296f37d40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2596 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=50947b8a-545d-4c13-990c-e68296f37d40
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2595 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d13b416-2b31-4890-8355-c2d3cc47f2b0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAzAEEARABVAEEATQB3AEEAdQBBAEQAVQBBAE4AZwBBAHQAQQBEAFUAQQBPAEEAQQA0AEEARABrAEEATgBBAEEAeQBBAEQASQBBAE8AUQBBAHkAQQBEAE0AQQBPAEEAQQA1AEEARABFAEEASQBnAEEAZwBBAEMAMABBAFIAZwBCAHYAQQBIAEkAQQBZAHcAQgBsAEEAQwBBAEEATABRAEIAUwBBAEcAVQBBAFkAdwBCADEAQQBIAEkAQQBjAHcAQgBsAEEARABzAEEAQwBnAEIASgBBAEcAWQBBAEkAQQBBAG8AQQBDADAAQQBiAGcAQgB2AEEASABRAEEASQBBAEEAawBBAEQAOABBAEsAUQBBAGcAQQBIAHMAQQBJAEEAQgBKAEEARwBZAEEASQBBAEEAbwBBAEUAYwBBAFoAUQBCADAAQQBDADAAQQBWAGcAQgBoAEEASABJAEEAYQBRAEIAaABBAEcASQBBAGIAQQBCAGwAQQBDAEEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEEAdABBAEUAVQBBAGMAZwBCAHkAQQBHADgAQQBjAGcAQgBCAEEARwBNAEEAZABBAEIAcABBAEcAOABBAGIAZwBBAGcAQQBGAE0AQQBhAFEAQgBzAEEARwBVAEEAYgBnAEIAMABBAEcAdwBBAGUAUQBCAEQAQQBHADgAQQBiAGcAQgAwAEEARwBrAEEAYgBnAEIAMQBBAEcAVQBBAEsAUQBBAGcAQQBIAHMAQQBJAEEAQgBsAEEASABnAEEAYQBRAEIAMABBAEMAQQBBAEoAQQBCAE0AQQBFAEUAQQBVAHcAQgBVAEEARQBVAEEAVwBBAEIASgBBAEYAUQBBAFEAdwBCAFAAQQBFAFEAQQBSAFEAQQBnAEEASAAwAEEASQBBAEIARgBBAEcAdwBBAGMAdwBCAGwAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAHgAQQBDAEEAQQBmAFEAQQBnAEEASAAwAEEA
EngineVersion=5.1.14393.1944
RunspaceId=e9529929-6be1-4399-bbb4-a480479718f0
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2594 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35330432-e0d6-47b9-b25d-c467379f0dac
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADUAMwAuADUANgAtADUAOAA4ADkANAAyADIAOQAyADMAOAA5ADEAIgAgAC0ARgBvAHIAYwBlACAALQBSAGUAYwB1AHIAcwBlADsACgBJAGYAIAAoAC0AbgBvAHQAIAAkAD8AKQAgAHsAIABJAGYAIAAoAEcAZQB0AC0AVgBhAHIAaQBhAGIAbABlACAATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAAtAEUAcgByAG8AcgBBAGMAdABpAG8AbgAgAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAKQAgAHsAIABlAHgAaQB0ACAAJABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAH0AIABFAGwAcwBlACAAewAgAGUAeABpAHQAIAAxACAAfQAgAH0A
EngineVersion=5.1.14393.1944
RunspaceId=5d344831-2299-47bf-b44b-763af75ccc4a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2593 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35330432-e0d6-47b9-b25d-c467379f0dac
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADUAMwAuADUANgAtADUAOAA4ADkANAAyADIAOQAyADMAOAA5ADEAIgAgAC0ARgBvAHIAYwBlACAALQBSAGUAYwB1AHIAcwBlADsACgBJAGYAIAAoAC0AbgBvAHQAIAAkAD8AKQAgAHsAIABJAGYAIAAoAEcAZQB0AC0AVgBhAHIAaQBhAGIAbABlACAATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAAtAEUAcgByAG8AcgBBAGMAdABpAG8AbgAgAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAKQAgAHsAIABlAHgAaQB0ACAAJABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAH0AIABFAGwAcwBlACAAewAgAGUAeABpAHQAIAAxACAAfQAgAH0A
EngineVersion=5.1.14393.1944
RunspaceId=5d344831-2299-47bf-b44b-763af75ccc4a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2592 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35330432-e0d6-47b9-b25d-c467379f0dac
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADUAMwAuADUANgAtADUAOAA4ADkANAAyADIAOQAyADMAOAA5ADEAIgAgAC0ARgBvAHIAYwBlACAALQBSAGUAYwB1AHIAcwBlADsACgBJAGYAIAAoAC0AbgBvAHQAIAAkAD8AKQAgAHsAIABJAGYAIAAoAEcAZQB0AC0AVgBhAHIAaQBhAGIAbABlACAATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAAtAEUAcgByAG8AcgBBAGMAdABpAG8AbgAgAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAKQAgAHsAIABlAHgAaQB0ACAAJABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAH0AIABFAGwAcwBlACAAewAgAGUAeABpAHQAIAAxACAAfQAgAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2591 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35330432-e0d6-47b9-b25d-c467379f0dac
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADUAMwAuADUANgAtADUAOAA4ADkANAAyADIAOQAyADMAOAA5ADEAIgAgAC0ARgBvAHIAYwBlACAALQBSAGUAYwB1AHIAcwBlADsACgBJAGYAIAAoAC0AbgBvAHQAIAAkAD8AKQAgAHsAIABJAGYAIAAoAEcAZQB0AC0AVgBhAHIAaQBhAGIAbABlACAATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAAtAEUAcgByAG8AcgBBAGMAdABpAG8AbgAgAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAKQAgAHsAIABlAHgAaQB0ACAAJABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAH0AIABFAGwAcwBlACAAewAgAGUAeABpAHQAIAAxACAAfQAgAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2590 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35330432-e0d6-47b9-b25d-c467379f0dac
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADUAMwAuADUANgAtADUAOAA4ADkANAAyADIAOQAyADMAOAA5ADEAIgAgAC0ARgBvAHIAYwBlACAALQBSAGUAYwB1AHIAcwBlADsACgBJAGYAIAAoAC0AbgBvAHQAIAAkAD8AKQAgAHsAIABJAGYAIAAoAEcAZQB0AC0AVgBhAHIAaQBhAGIAbABlACAATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAAtAEUAcgByAG8AcgBBAGMAdABpAG8AbgAgAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAKQAgAHsAIABlAHgAaQB0ACAAJABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAH0AIABFAGwAcwBlACAAewAgAGUAeABpAHQAIAAxACAAfQAgAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2589 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35330432-e0d6-47b9-b25d-c467379f0dac
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADUAMwAuADUANgAtADUAOAA4ADkANAAyADIAOQAyADMAOAA5ADEAIgAgAC0ARgBvAHIAYwBlACAALQBSAGUAYwB1AHIAcwBlADsACgBJAGYAIAAoAC0AbgBvAHQAIAAkAD8AKQAgAHsAIABJAGYAIAAoAEcAZQB0AC0AVgBhAHIAaQBhAGIAbABlACAATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAAtAEUAcgByAG8AcgBBAGMAdABpAG8AbgAgAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAKQAgAHsAIABlAHgAaQB0ACAAJABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAH0AIABFAGwAcwBlACAAewAgAGUAeABpAHQAIAAxACAAfQAgAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2588 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35330432-e0d6-47b9-b25d-c467379f0dac
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADUAMwAuADUANgAtADUAOAA4ADkANAAyADIAOQAyADMAOAA5ADEAIgAgAC0ARgBvAHIAYwBlACAALQBSAGUAYwB1AHIAcwBlADsACgBJAGYAIAAoAC0AbgBvAHQAIAAkAD8AKQAgAHsAIABJAGYAIAAoAEcAZQB0AC0AVgBhAHIAaQBhAGIAbABlACAATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAAtAEUAcgByAG8AcgBBAGMAdABpAG8AbgAgAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAKQAgAHsAIABlAHgAaQB0ACAAJABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAH0AIABFAGwAcwBlACAAewAgAGUAeABpAHQAIAAxACAAfQAgAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2587 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35330432-e0d6-47b9-b25d-c467379f0dac
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADUAMwAuADUANgAtADUAOAA4ADkANAAyADIAOQAyADMAOAA5ADEAIgAgAC0ARgBvAHIAYwBlACAALQBSAGUAYwB1AHIAcwBlADsACgBJAGYAIAAoAC0AbgBvAHQAIAAkAD8AKQAgAHsAIABJAGYAIAAoAEcAZQB0AC0AVgBhAHIAaQBhAGIAbABlACAATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAAtAEUAcgByAG8AcgBBAGMAdABpAG8AbgAgAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAKQAgAHsAIABlAHgAaQB0ACAAJABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAH0AIABFAGwAcwBlACAAewAgAGUAeABpAHQAIAAxACAAfQAgAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2586 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d13b416-2b31-4890-8355-c2d3cc47f2b0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAzAEEARABVAEEATQB3AEEAdQBBAEQAVQBBAE4AZwBBAHQAQQBEAFUAQQBPAEEAQQA0AEEARABrAEEATgBBAEEAeQBBAEQASQBBAE8AUQBBAHkAQQBEAE0AQQBPAEEAQQA1AEEARABFAEEASQBnAEEAZwBBAEMAMABBAFIAZwBCAHYAQQBIAEkAQQBZAHcAQgBsAEEAQwBBAEEATABRAEIAUwBBAEcAVQBBAFkAdwBCADEAQQBIAEkAQQBjAHcAQgBsAEEARABzAEEAQwBnAEIASgBBAEcAWQBBAEkAQQBBAG8AQQBDADAAQQBiAGcAQgB2AEEASABRAEEASQBBAEEAawBBAEQAOABBAEsAUQBBAGcAQQBIAHMAQQBJAEEAQgBKAEEARwBZAEEASQBBAEEAbwBBAEUAYwBBAFoAUQBCADAAQQBDADAAQQBWAGcAQgBoAEEASABJAEEAYQBRAEIAaABBAEcASQBBAGIAQQBCAGwAQQBDAEEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEEAdABBAEUAVQBBAGMAZwBCAHkAQQBHADgAQQBjAGcAQgBCAEEARwBNAEEAZABBAEIAcABBAEcAOABBAGIAZwBBAGcAQQBGAE0AQQBhAFEAQgBzAEEARwBVAEEAYgBnAEIAMABBAEcAdwBBAGUAUQBCAEQAQQBHADgAQQBiAGcAQgAwAEEARwBrAEEAYgBnAEIAMQBBAEcAVQBBAEsAUQBBAGcAQQBIAHMAQQBJAEEAQgBsAEEASABnAEEAYQBRAEIAMABBAEMAQQBBAEoAQQBCAE0AQQBFAEUAQQBVAHcAQgBVAEEARQBVAEEAVwBBAEIASgBBAEYAUQBBAFEAdwBCAFAAQQBFAFEAQQBSAFEAQQBnAEEASAAwAEEASQBBAEIARgBBAEcAdwBBAGMAdwBCAGwAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAHgAQQBDAEEAQQBmAFEAQQBnAEEASAAwAEEA
EngineVersion=5.1.14393.1944
RunspaceId=e9529929-6be1-4399-bbb4-a480479718f0
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2585 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d13b416-2b31-4890-8355-c2d3cc47f2b0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAzAEEARABVAEEATQB3AEEAdQBBAEQAVQBBAE4AZwBBAHQAQQBEAFUAQQBPAEEAQQA0AEEARABrAEEATgBBAEEAeQBBAEQASQBBAE8AUQBBAHkAQQBEAE0AQQBPAEEAQQA1AEEARABFAEEASQBnAEEAZwBBAEMAMABBAFIAZwBCAHYAQQBIAEkAQQBZAHcAQgBsAEEAQwBBAEEATABRAEIAUwBBAEcAVQBBAFkAdwBCADEAQQBIAEkAQQBjAHcAQgBsAEEARABzAEEAQwBnAEIASgBBAEcAWQBBAEkAQQBBAG8AQQBDADAAQQBiAGcAQgB2AEEASABRAEEASQBBAEEAawBBAEQAOABBAEsAUQBBAGcAQQBIAHMAQQBJAEEAQgBKAEEARwBZAEEASQBBAEEAbwBBAEUAYwBBAFoAUQBCADAAQQBDADAAQQBWAGcAQgBoAEEASABJAEEAYQBRAEIAaABBAEcASQBBAGIAQQBCAGwAQQBDAEEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEEAdABBAEUAVQBBAGMAZwBCAHkAQQBHADgAQQBjAGcAQgBCAEEARwBNAEEAZABBAEIAcABBAEcAOABBAGIAZwBBAGcAQQBGAE0AQQBhAFEAQgBzAEEARwBVAEEAYgBnAEIAMABBAEcAdwBBAGUAUQBCAEQAQQBHADgAQQBiAGcAQgAwAEEARwBrAEEAYgBnAEIAMQBBAEcAVQBBAEsAUQBBAGcAQQBIAHMAQQBJAEEAQgBsAEEASABnAEEAYQBRAEIAMABBAEMAQQBBAEoAQQBCAE0AQQBFAEUAQQBVAHcAQgBVAEEARQBVAEEAVwBBAEIASgBBAEYAUQBBAFEAdwBCAFAAQQBFAFEAQQBSAFEAQQBnAEEASAAwAEEASQBBAEIARgBBAEcAdwBBAGMAdwBCAGwAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAHgAQQBDAEEAQQBmAFEAQQBnAEEASAAwAEEA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2584 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d13b416-2b31-4890-8355-c2d3cc47f2b0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAzAEEARABVAEEATQB3AEEAdQBBAEQAVQBBAE4AZwBBAHQAQQBEAFUAQQBPAEEAQQA0AEEARABrAEEATgBBAEEAeQBBAEQASQBBAE8AUQBBAHkAQQBEAE0AQQBPAEEAQQA1AEEARABFAEEASQBnAEEAZwBBAEMAMABBAFIAZwBCAHYAQQBIAEkAQQBZAHcAQgBsAEEAQwBBAEEATABRAEIAUwBBAEcAVQBBAFkAdwBCADEAQQBIAEkAQQBjAHcAQgBsAEEARABzAEEAQwBnAEIASgBBAEcAWQBBAEkAQQBBAG8AQQBDADAAQQBiAGcAQgB2AEEASABRAEEASQBBAEEAawBBAEQAOABBAEsAUQBBAGcAQQBIAHMAQQBJAEEAQgBKAEEARwBZAEEASQBBAEEAbwBBAEUAYwBBAFoAUQBCADAAQQBDADAAQQBWAGcAQgBoAEEASABJAEEAYQBRAEIAaABBAEcASQBBAGIAQQBCAGwAQQBDAEEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEEAdABBAEUAVQBBAGMAZwBCAHkAQQBHADgAQQBjAGcAQgBCAEEARwBNAEEAZABBAEIAcABBAEcAOABBAGIAZwBBAGcAQQBGAE0AQQBhAFEAQgBzAEEARwBVAEEAYgBnAEIAMABBAEcAdwBBAGUAUQBCAEQAQQBHADgAQQBiAGcAQgAwAEEARwBrAEEAYgBnAEIAMQBBAEcAVQBBAEsAUQBBAGcAQQBIAHMAQQBJAEEAQgBsAEEASABnAEEAYQBRAEIAMABBAEMAQQBBAEoAQQBCAE0AQQBFAEUAQQBVAHcAQgBVAEEARQBVAEEAVwBBAEIASgBBAEYAUQBBAFEAdwBCAFAAQQBFAFEAQQBSAFEAQQBnAEEASAAwAEEASQBBAEIARgBBAEcAdwBBAGMAdwBCAGwAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAHgAQQBDAEEAQQBmAFEAQQBnAEEASAAwAEEA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2583 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d13b416-2b31-4890-8355-c2d3cc47f2b0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAzAEEARABVAEEATQB3AEEAdQBBAEQAVQBBAE4AZwBBAHQAQQBEAFUAQQBPAEEAQQA0AEEARABrAEEATgBBAEEAeQBBAEQASQBBAE8AUQBBAHkAQQBEAE0AQQBPAEEAQQA1AEEARABFAEEASQBnAEEAZwBBAEMAMABBAFIAZwBCAHYAQQBIAEkAQQBZAHcAQgBsAEEAQwBBAEEATABRAEIAUwBBAEcAVQBBAFkAdwBCADEAQQBIAEkAQQBjAHcAQgBsAEEARABzAEEAQwBnAEIASgBBAEcAWQBBAEkAQQBBAG8AQQBDADAAQQBiAGcAQgB2AEEASABRAEEASQBBAEEAawBBAEQAOABBAEsAUQBBAGcAQQBIAHMAQQBJAEEAQgBKAEEARwBZAEEASQBBAEEAbwBBAEUAYwBBAFoAUQBCADAAQQBDADAAQQBWAGcAQgBoAEEASABJAEEAYQBRAEIAaABBAEcASQBBAGIAQQBCAGwAQQBDAEEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEEAdABBAEUAVQBBAGMAZwBCAHkAQQBHADgAQQBjAGcAQgBCAEEARwBNAEEAZABBAEIAcABBAEcAOABBAGIAZwBBAGcAQQBGAE0AQQBhAFEAQgBzAEEARwBVAEEAYgBnAEIAMABBAEcAdwBBAGUAUQBCAEQAQQBHADgAQQBiAGcAQgAwAEEARwBrAEEAYgBnAEIAMQBBAEcAVQBBAEsAUQBBAGcAQQBIAHMAQQBJAEEAQgBsAEEASABnAEEAYQBRAEIAMABBAEMAQQBBAEoAQQBCAE0AQQBFAEUAQQBVAHcAQgBVAEEARQBVAEEAVwBBAEIASgBBAEYAUQBBAFEAdwBCAFAAQQBFAFEAQQBSAFEAQQBnAEEASAAwAEEASQBBAEIARgBBAEcAdwBBAGMAdwBCAGwAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAHgAQQBDAEEAQQBmAFEAQQBnAEEASAAwAEEA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2582 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d13b416-2b31-4890-8355-c2d3cc47f2b0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAzAEEARABVAEEATQB3AEEAdQBBAEQAVQBBAE4AZwBBAHQAQQBEAFUAQQBPAEEAQQA0AEEARABrAEEATgBBAEEAeQBBAEQASQBBAE8AUQBBAHkAQQBEAE0AQQBPAEEAQQA1AEEARABFAEEASQBnAEEAZwBBAEMAMABBAFIAZwBCAHYAQQBIAEkAQQBZAHcAQgBsAEEAQwBBAEEATABRAEIAUwBBAEcAVQBBAFkAdwBCADEAQQBIAEkAQQBjAHcAQgBsAEEARABzAEEAQwBnAEIASgBBAEcAWQBBAEkAQQBBAG8AQQBDADAAQQBiAGcAQgB2AEEASABRAEEASQBBAEEAawBBAEQAOABBAEsAUQBBAGcAQQBIAHMAQQBJAEEAQgBKAEEARwBZAEEASQBBAEEAbwBBAEUAYwBBAFoAUQBCADAAQQBDADAAQQBWAGcAQgBoAEEASABJAEEAYQBRAEIAaABBAEcASQBBAGIAQQBCAGwAQQBDAEEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEEAdABBAEUAVQBBAGMAZwBCAHkAQQBHADgAQQBjAGcAQgBCAEEARwBNAEEAZABBAEIAcABBAEcAOABBAGIAZwBBAGcAQQBGAE0AQQBhAFEAQgBzAEEARwBVAEEAYgBnAEIAMABBAEcAdwBBAGUAUQBCAEQAQQBHADgAQQBiAGcAQgAwAEEARwBrAEEAYgBnAEIAMQBBAEcAVQBBAEsAUQBBAGcAQQBIAHMAQQBJAEEAQgBsAEEASABnAEEAYQBRAEIAMABBAEMAQQBBAEoAQQBCAE0AQQBFAEUAQQBVAHcAQgBVAEEARQBVAEEAVwBBAEIASgBBAEYAUQBBAFEAdwBCAFAAQQBFAFEAQQBSAFEAQQBnAEEASAAwAEEASQBBAEIARgBBAEcAdwBBAGMAdwBCAGwAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAHgAQQBDAEEAQQBmAFEAQQBnAEEASAAwAEEA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2581 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d13b416-2b31-4890-8355-c2d3cc47f2b0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAzAEEARABVAEEATQB3AEEAdQBBAEQAVQBBAE4AZwBBAHQAQQBEAFUAQQBPAEEAQQA0AEEARABrAEEATgBBAEEAeQBBAEQASQBBAE8AUQBBAHkAQQBEAE0AQQBPAEEAQQA1AEEARABFAEEASQBnAEEAZwBBAEMAMABBAFIAZwBCAHYAQQBIAEkAQQBZAHcAQgBsAEEAQwBBAEEATABRAEIAUwBBAEcAVQBBAFkAdwBCADEAQQBIAEkAQQBjAHcAQgBsAEEARABzAEEAQwBnAEIASgBBAEcAWQBBAEkAQQBBAG8AQQBDADAAQQBiAGcAQgB2AEEASABRAEEASQBBAEEAawBBAEQAOABBAEsAUQBBAGcAQQBIAHMAQQBJAEEAQgBKAEEARwBZAEEASQBBAEEAbwBBAEUAYwBBAFoAUQBCADAAQQBDADAAQQBWAGcAQgBoAEEASABJAEEAYQBRAEIAaABBAEcASQBBAGIAQQBCAGwAQQBDAEEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEEAdABBAEUAVQBBAGMAZwBCAHkAQQBHADgAQQBjAGcAQgBCAEEARwBNAEEAZABBAEIAcABBAEcAOABBAGIAZwBBAGcAQQBGAE0AQQBhAFEAQgBzAEEARwBVAEEAYgBnAEIAMABBAEcAdwBBAGUAUQBCAEQAQQBHADgAQQBiAGcAQgAwAEEARwBrAEEAYgBnAEIAMQBBAEcAVQBBAEsAUQBBAGcAQQBIAHMAQQBJAEEAQgBsAEEASABnAEEAYQBRAEIAMABBAEMAQQBBAEoAQQBCAE0AQQBFAEUAQQBVAHcAQgBVAEEARQBVAEEAVwBBAEIASgBBAEYAUQBBAFEAdwBCAFAAQQBFAFEAQQBSAFEAQQBnAEEASAAwAEEASQBBAEIARgBBAEcAdwBBAGMAdwBCAGwAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAHgAQQBDAEEAQQBmAFEAQQBnAEEASAAwAEEA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2580 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d13b416-2b31-4890-8355-c2d3cc47f2b0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAzAEEARABVAEEATQB3AEEAdQBBAEQAVQBBAE4AZwBBAHQAQQBEAFUAQQBPAEEAQQA0AEEARABrAEEATgBBAEEAeQBBAEQASQBBAE8AUQBBAHkAQQBEAE0AQQBPAEEAQQA1AEEARABFAEEASQBnAEEAZwBBAEMAMABBAFIAZwBCAHYAQQBIAEkAQQBZAHcAQgBsAEEAQwBBAEEATABRAEIAUwBBAEcAVQBBAFkAdwBCADEAQQBIAEkAQQBjAHcAQgBsAEEARABzAEEAQwBnAEIASgBBAEcAWQBBAEkAQQBBAG8AQQBDADAAQQBiAGcAQgB2AEEASABRAEEASQBBAEEAawBBAEQAOABBAEsAUQBBAGcAQQBIAHMAQQBJAEEAQgBKAEEARwBZAEEASQBBAEEAbwBBAEUAYwBBAFoAUQBCADAAQQBDADAAQQBWAGcAQgBoAEEASABJAEEAYQBRAEIAaABBAEcASQBBAGIAQQBCAGwAQQBDAEEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEEAdABBAEUAVQBBAGMAZwBCAHkAQQBHADgAQQBjAGcAQgBCAEEARwBNAEEAZABBAEIAcABBAEcAOABBAGIAZwBBAGcAQQBGAE0AQQBhAFEAQgBzAEEARwBVAEEAYgBnAEIAMABBAEcAdwBBAGUAUQBCAEQAQQBHADgAQQBiAGcAQgAwAEEARwBrAEEAYgBnAEIAMQBBAEcAVQBBAEsAUQBBAGcAQQBIAHMAQQBJAEEAQgBsAEEASABnAEEAYQBRAEIAMABBAEMAQQBBAEoAQQBCAE0AQQBFAEUAQQBVAHcAQgBVAEEARQBVAEEAVwBBAEIASgBBAEYAUQBBAFEAdwBCAFAAQQBFAFEAQQBSAFEAQQBnAEEASAAwAEEASQBBAEIARgBBAEcAdwBBAGMAdwBCAGwAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAHgAQQBDAEEAQQBmAFEAQQBnAEEASAAwAEEA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2579 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c07855f9-229f-42e5-a5ef-2434a17412e7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=84585f8a-467a-4576-824c-a28412409eac
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2578 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a72f8256-dc08-4dc3-8075-b4c1037b6ecf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=5efb175d-5584-44c3-bc8d-bc9169eee9d5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2577 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a72f8256-dc08-4dc3-8075-b4c1037b6ecf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2576 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a72f8256-dc08-4dc3-8075-b4c1037b6ecf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2575 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a72f8256-dc08-4dc3-8075-b4c1037b6ecf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2574 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a72f8256-dc08-4dc3-8075-b4c1037b6ecf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2573 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a72f8256-dc08-4dc3-8075-b4c1037b6ecf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2572 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a72f8256-dc08-4dc3-8075-b4c1037b6ecf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2571 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a72f8256-dc08-4dc3-8075-b4c1037b6ecf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2570 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a72f8256-dc08-4dc3-8075-b4c1037b6ecf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2569 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c07855f9-229f-42e5-a5ef-2434a17412e7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=84585f8a-467a-4576-824c-a28412409eac
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2568 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c07855f9-229f-42e5-a5ef-2434a17412e7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2567 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c07855f9-229f-42e5-a5ef-2434a17412e7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2566 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c07855f9-229f-42e5-a5ef-2434a17412e7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2565 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c07855f9-229f-42e5-a5ef-2434a17412e7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2564 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c07855f9-229f-42e5-a5ef-2434a17412e7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2563 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c07855f9-229f-42e5-a5ef-2434a17412e7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2562 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f243bf49-8f9f-41ee-9657-394d7ee4004f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADUAMwAuADUANgAtADUAOAA4ADkANAAyADIAOQAyADMAOAA5ADEAXABzAG8AdQByAGMAZQAnAAoAJABEAGUAYgB1AGcAUAByAGUAZgBlAHIAZQBuAGMAZQAgAD0AIAAiAEMAbwBuAHQAaQBuAHUAZQAiAAoAJABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQAgAD0AIAAiAFMAdABvAHAAIgAKAFMAZQB0AC0AUwB0AHIAaQBjAHQATQBvAGQAZQAgAC0AVgBlAHIAcwBpAG8AbgAgADIACgAkAGYAZAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ASQBPAC4ARgBpAGwAZQBdADoAOgBDAHIAZQBhAHQAZQAoACQAcABhAHQAaAApAAoAJABzAGgAYQAxACAAPQAgAFsAUwB5AHMAdABlAG0ALgBTAGUAYwB1AHIAaQB0AHkALgBDAHIAeQBwAHQAbwBnAHIAYQBwAGgAeQAuAFMASABBADEAQwByAHkAcAB0AG8AUwBlAHIAdgBpAGMAZQBQAHIAbwB2AGkAZABlAHIAXQA6ADoAQwByAGUAYQB0AGUAKAApAAoAJABiAHkAdABlAHMAIAA9ACAAQAAoACkAIAAjAGkAbgBpAHQAaQBhAGwAaQB6AGUAIABmAG8AcgAgAGUAbQBwAHQAeQAgAGYAaQBsAGUAIABjAGEAcwBlAAoAfQAKAHAAcgBvAGMAZQBzAHMAIAB7AAoAJABiAHkAdABlAHMAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEMAbwBuAHYAZQByAHQAXQA6ADoARgByAG8AbQBCAGEAcwBlADYANABTAHQAcgBpAG4AZwAoACQAaQBuAHAAdQB0ACkACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAAsACAAJABiAHkAdABlAHMALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGYAZAAuAFcAcgBpAHQAZQAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACkACgB9AAoAZQBuAGQAIAB7AAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0ARgBpAG4AYQBsAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABoAGEAcwBoACAAPQAgAFsAUwB5AHMAdABlAG0ALgBCAGkAdABDAG8AbgB2AGUAcgB0AGUAcgBdADoAOgBUAG8AUwB0AHIAaQBuAGcAKAAkAHMAaABhADEALgBIAGEAcwBoACkALgBSAGUAcABsAGEAYwBlACgAIgAtACIALAAgACIAIgApAC4AVABvAEwAbwB3AGUAcgBJAG4AdgBhAHIAaQBhAG4AdAAoACkACgAkAGYAZAAuAEMAbABvAHMAZQAoACkACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgACIAewAiACIAcwBoAGEAMQAiACIAOgAiACIAJABoAGEAcwBoACIAIgB9ACIACgB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=94b84812-5a22-4734-a445-01d5c57e8091
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2561 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f243bf49-8f9f-41ee-9657-394d7ee4004f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADUAMwAuADUANgAtADUAOAA4ADkANAAyADIAOQAyADMAOAA5ADEAXABzAG8AdQByAGMAZQAnAAoAJABEAGUAYgB1AGcAUAByAGUAZgBlAHIAZQBuAGMAZQAgAD0AIAAiAEMAbwBuAHQAaQBuAHUAZQAiAAoAJABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQAgAD0AIAAiAFMAdABvAHAAIgAKAFMAZQB0AC0AUwB0AHIAaQBjAHQATQBvAGQAZQAgAC0AVgBlAHIAcwBpAG8AbgAgADIACgAkAGYAZAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ASQBPAC4ARgBpAGwAZQBdADoAOgBDAHIAZQBhAHQAZQAoACQAcABhAHQAaAApAAoAJABzAGgAYQAxACAAPQAgAFsAUwB5AHMAdABlAG0ALgBTAGUAYwB1AHIAaQB0AHkALgBDAHIAeQBwAHQAbwBnAHIAYQBwAGgAeQAuAFMASABBADEAQwByAHkAcAB0AG8AUwBlAHIAdgBpAGMAZQBQAHIAbwB2AGkAZABlAHIAXQA6ADoAQwByAGUAYQB0AGUAKAApAAoAJABiAHkAdABlAHMAIAA9ACAAQAAoACkAIAAjAGkAbgBpAHQAaQBhAGwAaQB6AGUAIABmAG8AcgAgAGUAbQBwAHQAeQAgAGYAaQBsAGUAIABjAGEAcwBlAAoAfQAKAHAAcgBvAGMAZQBzAHMAIAB7AAoAJABiAHkAdABlAHMAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEMAbwBuAHYAZQByAHQAXQA6ADoARgByAG8AbQBCAGEAcwBlADYANABTAHQAcgBpAG4AZwAoACQAaQBuAHAAdQB0ACkACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAAsACAAJABiAHkAdABlAHMALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGYAZAAuAFcAcgBpAHQAZQAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACkACgB9AAoAZQBuAGQAIAB7AAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0ARgBpAG4AYQBsAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABoAGEAcwBoACAAPQAgAFsAUwB5AHMAdABlAG0ALgBCAGkAdABDAG8AbgB2AGUAcgB0AGUAcgBdADoAOgBUAG8AUwB0AHIAaQBuAGcAKAAkAHMAaABhADEALgBIAGEAcwBoACkALgBSAGUAcABsAGEAYwBlACgAIgAtACIALAAgACIAIgApAC4AVABvAEwAbwB3AGUAcgBJAG4AdgBhAHIAaQBhAG4AdAAoACkACgAkAGYAZAAuAEMAbABvAHMAZQAoACkACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgACIAewAiACIAcwBoAGEAMQAiACIAOgAiACIAJABoAGEAcwBoACIAIgB9ACIACgB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=94b84812-5a22-4734-a445-01d5c57e8091
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2560 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f243bf49-8f9f-41ee-9657-394d7ee4004f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADUAMwAuADUANgAtADUAOAA4ADkANAAyADIAOQAyADMAOAA5ADEAXABzAG8AdQByAGMAZQAnAAoAJABEAGUAYgB1AGcAUAByAGUAZgBlAHIAZQBuAGMAZQAgAD0AIAAiAEMAbwBuAHQAaQBuAHUAZQAiAAoAJABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQAgAD0AIAAiAFMAdABvAHAAIgAKAFMAZQB0AC0AUwB0AHIAaQBjAHQATQBvAGQAZQAgAC0AVgBlAHIAcwBpAG8AbgAgADIACgAkAGYAZAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ASQBPAC4ARgBpAGwAZQBdADoAOgBDAHIAZQBhAHQAZQAoACQAcABhAHQAaAApAAoAJABzAGgAYQAxACAAPQAgAFsAUwB5AHMAdABlAG0ALgBTAGUAYwB1AHIAaQB0AHkALgBDAHIAeQBwAHQAbwBnAHIAYQBwAGgAeQAuAFMASABBADEAQwByAHkAcAB0AG8AUwBlAHIAdgBpAGMAZQBQAHIAbwB2AGkAZABlAHIAXQA6ADoAQwByAGUAYQB0AGUAKAApAAoAJABiAHkAdABlAHMAIAA9ACAAQAAoACkAIAAjAGkAbgBpAHQAaQBhAGwAaQB6AGUAIABmAG8AcgAgAGUAbQBwAHQAeQAgAGYAaQBsAGUAIABjAGEAcwBlAAoAfQAKAHAAcgBvAGMAZQBzAHMAIAB7AAoAJABiAHkAdABlAHMAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEMAbwBuAHYAZQByAHQAXQA6ADoARgByAG8AbQBCAGEAcwBlADYANABTAHQAcgBpAG4AZwAoACQAaQBuAHAAdQB0ACkACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAAsACAAJABiAHkAdABlAHMALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGYAZAAuAFcAcgBpAHQAZQAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACkACgB9AAoAZQBuAGQAIAB7AAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0ARgBpAG4AYQBsAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABoAGEAcwBoACAAPQAgAFsAUwB5AHMAdABlAG0ALgBCAGkAdABDAG8AbgB2AGUAcgB0AGUAcgBdADoAOgBUAG8AUwB0AHIAaQBuAGcAKAAkAHMAaABhADEALgBIAGEAcwBoACkALgBSAGUAcABsAGEAYwBlACgAIgAtACIALAAgACIAIgApAC4AVABvAEwAbwB3AGUAcgBJAG4AdgBhAHIAaQBhAG4AdAAoACkACgAkAGYAZAAuAEMAbABvAHMAZQAoACkACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgACIAewAiACIAcwBoAGEAMQAiACIAOgAiACIAJABoAGEAcwBoACIAIgB9ACIACgB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2559 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f243bf49-8f9f-41ee-9657-394d7ee4004f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADUAMwAuADUANgAtADUAOAA4ADkANAAyADIAOQAyADMAOAA5ADEAXABzAG8AdQByAGMAZQAnAAoAJABEAGUAYgB1AGcAUAByAGUAZgBlAHIAZQBuAGMAZQAgAD0AIAAiAEMAbwBuAHQAaQBuAHUAZQAiAAoAJABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQAgAD0AIAAiAFMAdABvAHAAIgAKAFMAZQB0AC0AUwB0AHIAaQBjAHQATQBvAGQAZQAgAC0AVgBlAHIAcwBpAG8AbgAgADIACgAkAGYAZAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ASQBPAC4ARgBpAGwAZQBdADoAOgBDAHIAZQBhAHQAZQAoACQAcABhAHQAaAApAAoAJABzAGgAYQAxACAAPQAgAFsAUwB5AHMAdABlAG0ALgBTAGUAYwB1AHIAaQB0AHkALgBDAHIAeQBwAHQAbwBnAHIAYQBwAGgAeQAuAFMASABBADEAQwByAHkAcAB0AG8AUwBlAHIAdgBpAGMAZQBQAHIAbwB2AGkAZABlAHIAXQA6ADoAQwByAGUAYQB0AGUAKAApAAoAJABiAHkAdABlAHMAIAA9ACAAQAAoACkAIAAjAGkAbgBpAHQAaQBhAGwAaQB6AGUAIABmAG8AcgAgAGUAbQBwAHQAeQAgAGYAaQBsAGUAIABjAGEAcwBlAAoAfQAKAHAAcgBvAGMAZQBzAHMAIAB7AAoAJABiAHkAdABlAHMAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEMAbwBuAHYAZQByAHQAXQA6ADoARgByAG8AbQBCAGEAcwBlADYANABTAHQAcgBpAG4AZwAoACQAaQBuAHAAdQB0ACkACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAAsACAAJABiAHkAdABlAHMALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGYAZAAuAFcAcgBpAHQAZQAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACkACgB9AAoAZQBuAGQAIAB7AAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0ARgBpAG4AYQBsAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABoAGEAcwBoACAAPQAgAFsAUwB5AHMAdABlAG0ALgBCAGkAdABDAG8AbgB2AGUAcgB0AGUAcgBdADoAOgBUAG8AUwB0AHIAaQBuAGcAKAAkAHMAaABhADEALgBIAGEAcwBoACkALgBSAGUAcABsAGEAYwBlACgAIgAtACIALAAgACIAIgApAC4AVABvAEwAbwB3AGUAcgBJAG4AdgBhAHIAaQBhAG4AdAAoACkACgAkAGYAZAAuAEMAbABvAHMAZQAoACkACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgACIAewAiACIAcwBoAGEAMQAiACIAOgAiACIAJABoAGEAcwBoACIAIgB9ACIACgB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2558 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f243bf49-8f9f-41ee-9657-394d7ee4004f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADUAMwAuADUANgAtADUAOAA4ADkANAAyADIAOQAyADMAOAA5ADEAXABzAG8AdQByAGMAZQAnAAoAJABEAGUAYgB1AGcAUAByAGUAZgBlAHIAZQBuAGMAZQAgAD0AIAAiAEMAbwBuAHQAaQBuAHUAZQAiAAoAJABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQAgAD0AIAAiAFMAdABvAHAAIgAKAFMAZQB0AC0AUwB0AHIAaQBjAHQATQBvAGQAZQAgAC0AVgBlAHIAcwBpAG8AbgAgADIACgAkAGYAZAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ASQBPAC4ARgBpAGwAZQBdADoAOgBDAHIAZQBhAHQAZQAoACQAcABhAHQAaAApAAoAJABzAGgAYQAxACAAPQAgAFsAUwB5AHMAdABlAG0ALgBTAGUAYwB1AHIAaQB0AHkALgBDAHIAeQBwAHQAbwBnAHIAYQBwAGgAeQAuAFMASABBADEAQwByAHkAcAB0AG8AUwBlAHIAdgBpAGMAZQBQAHIAbwB2AGkAZABlAHIAXQA6ADoAQwByAGUAYQB0AGUAKAApAAoAJABiAHkAdABlAHMAIAA9ACAAQAAoACkAIAAjAGkAbgBpAHQAaQBhAGwAaQB6AGUAIABmAG8AcgAgAGUAbQBwAHQAeQAgAGYAaQBsAGUAIABjAGEAcwBlAAoAfQAKAHAAcgBvAGMAZQBzAHMAIAB7AAoAJABiAHkAdABlAHMAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEMAbwBuAHYAZQByAHQAXQA6ADoARgByAG8AbQBCAGEAcwBlADYANABTAHQAcgBpAG4AZwAoACQAaQBuAHAAdQB0ACkACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAAsACAAJABiAHkAdABlAHMALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGYAZAAuAFcAcgBpAHQAZQAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACkACgB9AAoAZQBuAGQAIAB7AAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0ARgBpAG4AYQBsAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABoAGEAcwBoACAAPQAgAFsAUwB5AHMAdABlAG0ALgBCAGkAdABDAG8AbgB2AGUAcgB0AGUAcgBdADoAOgBUAG8AUwB0AHIAaQBuAGcAKAAkAHMAaABhADEALgBIAGEAcwBoACkALgBSAGUAcABsAGEAYwBlACgAIgAtACIALAAgACIAIgApAC4AVABvAEwAbwB3AGUAcgBJAG4AdgBhAHIAaQBhAG4AdAAoACkACgAkAGYAZAAuAEMAbABvAHMAZQAoACkACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgACIAewAiACIAcwBoAGEAMQAiACIAOgAiACIAJABoAGEAcwBoACIAIgB9ACIACgB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2557 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f243bf49-8f9f-41ee-9657-394d7ee4004f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADUAMwAuADUANgAtADUAOAA4ADkANAAyADIAOQAyADMAOAA5ADEAXABzAG8AdQByAGMAZQAnAAoAJABEAGUAYgB1AGcAUAByAGUAZgBlAHIAZQBuAGMAZQAgAD0AIAAiAEMAbwBuAHQAaQBuAHUAZQAiAAoAJABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQAgAD0AIAAiAFMAdABvAHAAIgAKAFMAZQB0AC0AUwB0AHIAaQBjAHQATQBvAGQAZQAgAC0AVgBlAHIAcwBpAG8AbgAgADIACgAkAGYAZAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ASQBPAC4ARgBpAGwAZQBdADoAOgBDAHIAZQBhAHQAZQAoACQAcABhAHQAaAApAAoAJABzAGgAYQAxACAAPQAgAFsAUwB5AHMAdABlAG0ALgBTAGUAYwB1AHIAaQB0AHkALgBDAHIAeQBwAHQAbwBnAHIAYQBwAGgAeQAuAFMASABBADEAQwByAHkAcAB0AG8AUwBlAHIAdgBpAGMAZQBQAHIAbwB2AGkAZABlAHIAXQA6ADoAQwByAGUAYQB0AGUAKAApAAoAJABiAHkAdABlAHMAIAA9ACAAQAAoACkAIAAjAGkAbgBpAHQAaQBhAGwAaQB6AGUAIABmAG8AcgAgAGUAbQBwAHQAeQAgAGYAaQBsAGUAIABjAGEAcwBlAAoAfQAKAHAAcgBvAGMAZQBzAHMAIAB7AAoAJABiAHkAdABlAHMAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEMAbwBuAHYAZQByAHQAXQA6ADoARgByAG8AbQBCAGEAcwBlADYANABTAHQAcgBpAG4AZwAoACQAaQBuAHAAdQB0ACkACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAAsACAAJABiAHkAdABlAHMALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGYAZAAuAFcAcgBpAHQAZQAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACkACgB9AAoAZQBuAGQAIAB7AAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0ARgBpAG4AYQBsAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABoAGEAcwBoACAAPQAgAFsAUwB5AHMAdABlAG0ALgBCAGkAdABDAG8AbgB2AGUAcgB0AGUAcgBdADoAOgBUAG8AUwB0AHIAaQBuAGcAKAAkAHMAaABhADEALgBIAGEAcwBoACkALgBSAGUAcABsAGEAYwBlACgAIgAtACIALAAgACIAIgApAC4AVABvAEwAbwB3AGUAcgBJAG4AdgBhAHIAaQBhAG4AdAAoACkACgAkAGYAZAAuAEMAbABvAHMAZQAoACkACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgACIAewAiACIAcwBoAGEAMQAiACIAOgAiACIAJABoAGEAcwBoACIAIgB9ACIACgB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2556 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f243bf49-8f9f-41ee-9657-394d7ee4004f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADUAMwAuADUANgAtADUAOAA4ADkANAAyADIAOQAyADMAOAA5ADEAXABzAG8AdQByAGMAZQAnAAoAJABEAGUAYgB1AGcAUAByAGUAZgBlAHIAZQBuAGMAZQAgAD0AIAAiAEMAbwBuAHQAaQBuAHUAZQAiAAoAJABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQAgAD0AIAAiAFMAdABvAHAAIgAKAFMAZQB0AC0AUwB0AHIAaQBjAHQATQBvAGQAZQAgAC0AVgBlAHIAcwBpAG8AbgAgADIACgAkAGYAZAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ASQBPAC4ARgBpAGwAZQBdADoAOgBDAHIAZQBhAHQAZQAoACQAcABhAHQAaAApAAoAJABzAGgAYQAxACAAPQAgAFsAUwB5AHMAdABlAG0ALgBTAGUAYwB1AHIAaQB0AHkALgBDAHIAeQBwAHQAbwBnAHIAYQBwAGgAeQAuAFMASABBADEAQwByAHkAcAB0AG8AUwBlAHIAdgBpAGMAZQBQAHIAbwB2AGkAZABlAHIAXQA6ADoAQwByAGUAYQB0AGUAKAApAAoAJABiAHkAdABlAHMAIAA9ACAAQAAoACkAIAAjAGkAbgBpAHQAaQBhAGwAaQB6AGUAIABmAG8AcgAgAGUAbQBwAHQAeQAgAGYAaQBsAGUAIABjAGEAcwBlAAoAfQAKAHAAcgBvAGMAZQBzAHMAIAB7AAoAJABiAHkAdABlAHMAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEMAbwBuAHYAZQByAHQAXQA6ADoARgByAG8AbQBCAGEAcwBlADYANABTAHQAcgBpAG4AZwAoACQAaQBuAHAAdQB0ACkACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAAsACAAJABiAHkAdABlAHMALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGYAZAAuAFcAcgBpAHQAZQAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACkACgB9AAoAZQBuAGQAIAB7AAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0ARgBpAG4AYQBsAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABoAGEAcwBoACAAPQAgAFsAUwB5AHMAdABlAG0ALgBCAGkAdABDAG8AbgB2AGUAcgB0AGUAcgBdADoAOgBUAG8AUwB0AHIAaQBuAGcAKAAkAHMAaABhADEALgBIAGEAcwBoACkALgBSAGUAcABsAGEAYwBlACgAIgAtACIALAAgACIAIgApAC4AVABvAEwAbwB3AGUAcgBJAG4AdgBhAHIAaQBhAG4AdAAoACkACgAkAGYAZAAuAEMAbABvAHMAZQAoACkACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgACIAewAiACIAcwBoAGEAMQAiACIAOgAiACIAJABoAGEAcwBoACIAIgB9ACIACgB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2555 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f243bf49-8f9f-41ee-9657-394d7ee4004f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA3ADUAMwAuADUANgAtADUAOAA4ADkANAAyADIAOQAyADMAOAA5ADEAXABzAG8AdQByAGMAZQAnAAoAJABEAGUAYgB1AGcAUAByAGUAZgBlAHIAZQBuAGMAZQAgAD0AIAAiAEMAbwBuAHQAaQBuAHUAZQAiAAoAJABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQAgAD0AIAAiAFMAdABvAHAAIgAKAFMAZQB0AC0AUwB0AHIAaQBjAHQATQBvAGQAZQAgAC0AVgBlAHIAcwBpAG8AbgAgADIACgAkAGYAZAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ASQBPAC4ARgBpAGwAZQBdADoAOgBDAHIAZQBhAHQAZQAoACQAcABhAHQAaAApAAoAJABzAGgAYQAxACAAPQAgAFsAUwB5AHMAdABlAG0ALgBTAGUAYwB1AHIAaQB0AHkALgBDAHIAeQBwAHQAbwBnAHIAYQBwAGgAeQAuAFMASABBADEAQwByAHkAcAB0AG8AUwBlAHIAdgBpAGMAZQBQAHIAbwB2AGkAZABlAHIAXQA6ADoAQwByAGUAYQB0AGUAKAApAAoAJABiAHkAdABlAHMAIAA9ACAAQAAoACkAIAAjAGkAbgBpAHQAaQBhAGwAaQB6AGUAIABmAG8AcgAgAGUAbQBwAHQAeQAgAGYAaQBsAGUAIABjAGEAcwBlAAoAfQAKAHAAcgBvAGMAZQBzAHMAIAB7AAoAJABiAHkAdABlAHMAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEMAbwBuAHYAZQByAHQAXQA6ADoARgByAG8AbQBCAGEAcwBlADYANABTAHQAcgBpAG4AZwAoACQAaQBuAHAAdQB0ACkACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAAsACAAJABiAHkAdABlAHMALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGYAZAAuAFcAcgBpAHQAZQAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACkACgB9AAoAZQBuAGQAIAB7AAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0ARgBpAG4AYQBsAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABoAGEAcwBoACAAPQAgAFsAUwB5AHMAdABlAG0ALgBCAGkAdABDAG8AbgB2AGUAcgB0AGUAcgBdADoAOgBUAG8AUwB0AHIAaQBuAGcAKAAkAHMAaABhADEALgBIAGEAcwBoACkALgBSAGUAcABsAGEAYwBlACgAIgAtACIALAAgACIAIgApAC4AVABvAEwAbwB3AGUAcgBJAG4AdgBhAHIAaQBhAG4AdAAoACkACgAkAGYAZAAuAEMAbABvAHMAZQAoACkACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgACIAewAiACIAcwBoAGEAMQAiACIAOgAiACIAJABoAGEAcwBoACIAIgB9ACIACgB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2554 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a12bfb59-9eff-49fe-95a9-fe9752f542b0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGMAQQBOAFEAQQB6AEEAQwA0AEEATgBRAEEAMgBBAEMAMABBAE4AUQBBADQAQQBEAGcAQQBPAFEAQQAwAEEARABJAEEATQBnAEEANQBBAEQASQBBAE0AdwBBADQAQQBEAGsAQQBNAFEAQQBuAEEAQQBvAEEAVgB3AEIAeQBBAEcAawBBAGQAQQBCAGwAQQBDADAAQQBUAHcAQgAxAEEASABRAEEAYwBBAEIAMQBBAEgAUQBBAEkAQQBBAHQAQQBFAGsAQQBiAGcAQgB3AEEASABVAEEAZABBAEIAUABBAEcASQBBAGEAZwBCAGwAQQBHAE0AQQBkAEEAQQBnAEEAQwBRAEEAZABBAEIAdABBAEgAQQBBAEwAZwBCAEcAQQBIAFUAQQBiAEEAQgBzAEEARQA0AEEAWQBRAEIAdABBAEcAVQBBAEMAZwBCAEoAQQBHAFkAQQBJAEEAQQBvAEEAQwAwAEEAYgBnAEIAdgBBAEgAUQBBAEkAQQBBAGsAQQBEADgAQQBLAFEAQQBnAEEASABzAEEASQBBAEIASgBBAEcAWQBBAEkAQQBBAG8AQQBFAGMAQQBaAFEAQgAwAEEAQwAwAEEAVgBnAEIAaABBAEgASQBBAGEAUQBCAGgAQQBHAEkAQQBiAEEAQgBsAEEAQwBBAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBBAHQAQQBFAFUAQQBjAGcAQgB5AEEARwA4AEEAYwBnAEIAQgBBAEcATQBBAGQAQQBCAHAAQQBHADgAQQBiAGcAQQBnAEEARgBNAEEAYQBRAEIAcwBBAEcAVQBBAGIAZwBCADAAQQBHAHcAQQBlAFEAQgBEAEEARwA4AEEAYgBnAEIAMABBAEcAawBBAGIAZwBCADEAQQBHAFUAQQBLAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBKAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEgAMABBAEkAQQBCAEYAQQBHAHcAQQBjAHcAQgBsAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQB4AEEAQwBBAEEAZgBRAEEAZwBBAEgAMABBAA==
EngineVersion=5.1.14393.1944
RunspaceId=5e53a5ab-616d-46de-8576-32b82b1aae98
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2553 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=159c7ebc-118f-4e9c-8a81-76ff4bad3150
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADcANQAzAC4ANQA2AC0ANQA4ADgAOQA0ADIAMgA5ADIAMwA4ADkAMQAnAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAtAEkAbgBwAHUAdABPAGIAagBlAGMAdAAgACQAdABtAHAALgBGAHUAbABsAE4AYQBtAGUACgBJAGYAIAAoAC0AbgBvAHQAIAAkAD8AKQAgAHsAIABJAGYAIAAoAEcAZQB0AC0AVgBhAHIAaQBhAGIAbABlACAATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAAtAEUAcgByAG8AcgBBAGMAdABpAG8AbgAgAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAKQAgAHsAIABlAHgAaQB0ACAAJABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAH0AIABFAGwAcwBlACAAewAgAGUAeABpAHQAIAAxACAAfQAgAH0A
EngineVersion=5.1.14393.1944
RunspaceId=cf5a5d18-9317-428c-98f3-b622426ba3f4
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2552 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=159c7ebc-118f-4e9c-8a81-76ff4bad3150
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADcANQAzAC4ANQA2AC0ANQA4ADgAOQA0ADIAMgA5ADIAMwA4ADkAMQAnAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAtAEkAbgBwAHUAdABPAGIAagBlAGMAdAAgACQAdABtAHAALgBGAHUAbABsAE4AYQBtAGUACgBJAGYAIAAoAC0AbgBvAHQAIAAkAD8AKQAgAHsAIABJAGYAIAAoAEcAZQB0AC0AVgBhAHIAaQBhAGIAbABlACAATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAAtAEUAcgByAG8AcgBBAGMAdABpAG8AbgAgAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAKQAgAHsAIABlAHgAaQB0ACAAJABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAH0AIABFAGwAcwBlACAAewAgAGUAeABpAHQAIAAxACAAfQAgAH0A
EngineVersion=5.1.14393.1944
RunspaceId=cf5a5d18-9317-428c-98f3-b622426ba3f4
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2551 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=159c7ebc-118f-4e9c-8a81-76ff4bad3150
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADcANQAzAC4ANQA2AC0ANQA4ADgAOQA0ADIAMgA5ADIAMwA4ADkAMQAnAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAtAEkAbgBwAHUAdABPAGIAagBlAGMAdAAgACQAdABtAHAALgBGAHUAbABsAE4AYQBtAGUACgBJAGYAIAAoAC0AbgBvAHQAIAAkAD8AKQAgAHsAIABJAGYAIAAoAEcAZQB0AC0AVgBhAHIAaQBhAGIAbABlACAATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAAtAEUAcgByAG8AcgBBAGMAdABpAG8AbgAgAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAKQAgAHsAIABlAHgAaQB0ACAAJABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAH0AIABFAGwAcwBlACAAewAgAGUAeABpAHQAIAAxACAAfQAgAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2550 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=159c7ebc-118f-4e9c-8a81-76ff4bad3150
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADcANQAzAC4ANQA2AC0ANQA4ADgAOQA0ADIAMgA5ADIAMwA4ADkAMQAnAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAtAEkAbgBwAHUAdABPAGIAagBlAGMAdAAgACQAdABtAHAALgBGAHUAbABsAE4AYQBtAGUACgBJAGYAIAAoAC0AbgBvAHQAIAAkAD8AKQAgAHsAIABJAGYAIAAoAEcAZQB0AC0AVgBhAHIAaQBhAGIAbABlACAATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAAtAEUAcgByAG8AcgBBAGMAdABpAG8AbgAgAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAKQAgAHsAIABlAHgAaQB0ACAAJABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAH0AIABFAGwAcwBlACAAewAgAGUAeABpAHQAIAAxACAAfQAgAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2549 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=159c7ebc-118f-4e9c-8a81-76ff4bad3150
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADcANQAzAC4ANQA2AC0ANQA4ADgAOQA0ADIAMgA5ADIAMwA4ADkAMQAnAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAtAEkAbgBwAHUAdABPAGIAagBlAGMAdAAgACQAdABtAHAALgBGAHUAbABsAE4AYQBtAGUACgBJAGYAIAAoAC0AbgBvAHQAIAAkAD8AKQAgAHsAIABJAGYAIAAoAEcAZQB0AC0AVgBhAHIAaQBhAGIAbABlACAATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAAtAEUAcgByAG8AcgBBAGMAdABpAG8AbgAgAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAKQAgAHsAIABlAHgAaQB0ACAAJABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAH0AIABFAGwAcwBlACAAewAgAGUAeABpAHQAIAAxACAAfQAgAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2548 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=159c7ebc-118f-4e9c-8a81-76ff4bad3150
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADcANQAzAC4ANQA2AC0ANQA4ADgAOQA0ADIAMgA5ADIAMwA4ADkAMQAnAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAtAEkAbgBwAHUAdABPAGIAagBlAGMAdAAgACQAdABtAHAALgBGAHUAbABsAE4AYQBtAGUACgBJAGYAIAAoAC0AbgBvAHQAIAAkAD8AKQAgAHsAIABJAGYAIAAoAEcAZQB0AC0AVgBhAHIAaQBhAGIAbABlACAATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAAtAEUAcgByAG8AcgBBAGMAdABpAG8AbgAgAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAKQAgAHsAIABlAHgAaQB0ACAAJABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAH0AIABFAGwAcwBlACAAewAgAGUAeABpAHQAIAAxACAAfQAgAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2547 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=159c7ebc-118f-4e9c-8a81-76ff4bad3150
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADcANQAzAC4ANQA2AC0ANQA4ADgAOQA0ADIAMgA5ADIAMwA4ADkAMQAnAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAtAEkAbgBwAHUAdABPAGIAagBlAGMAdAAgACQAdABtAHAALgBGAHUAbABsAE4AYQBtAGUACgBJAGYAIAAoAC0AbgBvAHQAIAAkAD8AKQAgAHsAIABJAGYAIAAoAEcAZQB0AC0AVgBhAHIAaQBhAGIAbABlACAATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAAtAEUAcgByAG8AcgBBAGMAdABpAG8AbgAgAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAKQAgAHsAIABlAHgAaQB0ACAAJABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAH0AIABFAGwAcwBlACAAewAgAGUAeABpAHQAIAAxACAAfQAgAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2546 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=159c7ebc-118f-4e9c-8a81-76ff4bad3150
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADcANQAzAC4ANQA2AC0ANQA4ADgAOQA0ADIAMgA5ADIAMwA4ADkAMQAnAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAtAEkAbgBwAHUAdABPAGIAagBlAGMAdAAgACQAdABtAHAALgBGAHUAbABsAE4AYQBtAGUACgBJAGYAIAAoAC0AbgBvAHQAIAAkAD8AKQAgAHsAIABJAGYAIAAoAEcAZQB0AC0AVgBhAHIAaQBhAGIAbABlACAATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAAtAEUAcgByAG8AcgBBAGMAdABpAG8AbgAgAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAKQAgAHsAIABlAHgAaQB0ACAAJABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAH0AIABFAGwAcwBlACAAewAgAGUAeABpAHQAIAAxACAAfQAgAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2545 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a12bfb59-9eff-49fe-95a9-fe9752f542b0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGMAQQBOAFEAQQB6AEEAQwA0AEEATgBRAEEAMgBBAEMAMABBAE4AUQBBADQAQQBEAGcAQQBPAFEAQQAwAEEARABJAEEATQBnAEEANQBBAEQASQBBAE0AdwBBADQAQQBEAGsAQQBNAFEAQQBuAEEAQQBvAEEAVgB3AEIAeQBBAEcAawBBAGQAQQBCAGwAQQBDADAAQQBUAHcAQgAxAEEASABRAEEAYwBBAEIAMQBBAEgAUQBBAEkAQQBBAHQAQQBFAGsAQQBiAGcAQgB3AEEASABVAEEAZABBAEIAUABBAEcASQBBAGEAZwBCAGwAQQBHAE0AQQBkAEEAQQBnAEEAQwBRAEEAZABBAEIAdABBAEgAQQBBAEwAZwBCAEcAQQBIAFUAQQBiAEEAQgBzAEEARQA0AEEAWQBRAEIAdABBAEcAVQBBAEMAZwBCAEoAQQBHAFkAQQBJAEEAQQBvAEEAQwAwAEEAYgBnAEIAdgBBAEgAUQBBAEkAQQBBAGsAQQBEADgAQQBLAFEAQQBnAEEASABzAEEASQBBAEIASgBBAEcAWQBBAEkAQQBBAG8AQQBFAGMAQQBaAFEAQgAwAEEAQwAwAEEAVgBnAEIAaABBAEgASQBBAGEAUQBCAGgAQQBHAEkAQQBiAEEAQgBsAEEAQwBBAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBBAHQAQQBFAFUAQQBjAGcAQgB5AEEARwA4AEEAYwBnAEIAQgBBAEcATQBBAGQAQQBCAHAAQQBHADgAQQBiAGcAQQBnAEEARgBNAEEAYQBRAEIAcwBBAEcAVQBBAGIAZwBCADAAQQBHAHcAQQBlAFEAQgBEAEEARwA4AEEAYgBnAEIAMABBAEcAawBBAGIAZwBCADEAQQBHAFUAQQBLAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBKAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEgAMABBAEkAQQBCAEYAQQBHAHcAQQBjAHcAQgBsAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQB4AEEAQwBBAEEAZgBRAEEAZwBBAEgAMABBAA==
EngineVersion=5.1.14393.1944
RunspaceId=5e53a5ab-616d-46de-8576-32b82b1aae98
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2544 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a12bfb59-9eff-49fe-95a9-fe9752f542b0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGMAQQBOAFEAQQB6AEEAQwA0AEEATgBRAEEAMgBBAEMAMABBAE4AUQBBADQAQQBEAGcAQQBPAFEAQQAwAEEARABJAEEATQBnAEEANQBBAEQASQBBAE0AdwBBADQAQQBEAGsAQQBNAFEAQQBuAEEAQQBvAEEAVgB3AEIAeQBBAEcAawBBAGQAQQBCAGwAQQBDADAAQQBUAHcAQgAxAEEASABRAEEAYwBBAEIAMQBBAEgAUQBBAEkAQQBBAHQAQQBFAGsAQQBiAGcAQgB3AEEASABVAEEAZABBAEIAUABBAEcASQBBAGEAZwBCAGwAQQBHAE0AQQBkAEEAQQBnAEEAQwBRAEEAZABBAEIAdABBAEgAQQBBAEwAZwBCAEcAQQBIAFUAQQBiAEEAQgBzAEEARQA0AEEAWQBRAEIAdABBAEcAVQBBAEMAZwBCAEoAQQBHAFkAQQBJAEEAQQBvAEEAQwAwAEEAYgBnAEIAdgBBAEgAUQBBAEkAQQBBAGsAQQBEADgAQQBLAFEAQQBnAEEASABzAEEASQBBAEIASgBBAEcAWQBBAEkAQQBBAG8AQQBFAGMAQQBaAFEAQgAwAEEAQwAwAEEAVgBnAEIAaABBAEgASQBBAGEAUQBCAGgAQQBHAEkAQQBiAEEAQgBsAEEAQwBBAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBBAHQAQQBFAFUAQQBjAGcAQgB5AEEARwA4AEEAYwBnAEIAQgBBAEcATQBBAGQAQQBCAHAAQQBHADgAQQBiAGcAQQBnAEEARgBNAEEAYQBRAEIAcwBBAEcAVQBBAGIAZwBCADAAQQBHAHcAQQBlAFEAQgBEAEEARwA4AEEAYgBnAEIAMABBAEcAawBBAGIAZwBCADEAQQBHAFUAQQBLAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBKAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEgAMABBAEkAQQBCAEYAQQBHAHcAQQBjAHcAQgBsAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQB4AEEAQwBBAEEAZgBRAEEAZwBBAEgAMABBAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2543 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a12bfb59-9eff-49fe-95a9-fe9752f542b0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGMAQQBOAFEAQQB6AEEAQwA0AEEATgBRAEEAMgBBAEMAMABBAE4AUQBBADQAQQBEAGcAQQBPAFEAQQAwAEEARABJAEEATQBnAEEANQBBAEQASQBBAE0AdwBBADQAQQBEAGsAQQBNAFEAQQBuAEEAQQBvAEEAVgB3AEIAeQBBAEcAawBBAGQAQQBCAGwAQQBDADAAQQBUAHcAQgAxAEEASABRAEEAYwBBAEIAMQBBAEgAUQBBAEkAQQBBAHQAQQBFAGsAQQBiAGcAQgB3AEEASABVAEEAZABBAEIAUABBAEcASQBBAGEAZwBCAGwAQQBHAE0AQQBkAEEAQQBnAEEAQwBRAEEAZABBAEIAdABBAEgAQQBBAEwAZwBCAEcAQQBIAFUAQQBiAEEAQgBzAEEARQA0AEEAWQBRAEIAdABBAEcAVQBBAEMAZwBCAEoAQQBHAFkAQQBJAEEAQQBvAEEAQwAwAEEAYgBnAEIAdgBBAEgAUQBBAEkAQQBBAGsAQQBEADgAQQBLAFEAQQBnAEEASABzAEEASQBBAEIASgBBAEcAWQBBAEkAQQBBAG8AQQBFAGMAQQBaAFEAQgAwAEEAQwAwAEEAVgBnAEIAaABBAEgASQBBAGEAUQBCAGgAQQBHAEkAQQBiAEEAQgBsAEEAQwBBAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBBAHQAQQBFAFUAQQBjAGcAQgB5AEEARwA4AEEAYwBnAEIAQgBBAEcATQBBAGQAQQBCAHAAQQBHADgAQQBiAGcAQQBnAEEARgBNAEEAYQBRAEIAcwBBAEcAVQBBAGIAZwBCADAAQQBHAHcAQQBlAFEAQgBEAEEARwA4AEEAYgBnAEIAMABBAEcAawBBAGIAZwBCADEAQQBHAFUAQQBLAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBKAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEgAMABBAEkAQQBCAEYAQQBHAHcAQQBjAHcAQgBsAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQB4AEEAQwBBAEEAZgBRAEEAZwBBAEgAMABBAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2542 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a12bfb59-9eff-49fe-95a9-fe9752f542b0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGMAQQBOAFEAQQB6AEEAQwA0AEEATgBRAEEAMgBBAEMAMABBAE4AUQBBADQAQQBEAGcAQQBPAFEAQQAwAEEARABJAEEATQBnAEEANQBBAEQASQBBAE0AdwBBADQAQQBEAGsAQQBNAFEAQQBuAEEAQQBvAEEAVgB3AEIAeQBBAEcAawBBAGQAQQBCAGwAQQBDADAAQQBUAHcAQgAxAEEASABRAEEAYwBBAEIAMQBBAEgAUQBBAEkAQQBBAHQAQQBFAGsAQQBiAGcAQgB3AEEASABVAEEAZABBAEIAUABBAEcASQBBAGEAZwBCAGwAQQBHAE0AQQBkAEEAQQBnAEEAQwBRAEEAZABBAEIAdABBAEgAQQBBAEwAZwBCAEcAQQBIAFUAQQBiAEEAQgBzAEEARQA0AEEAWQBRAEIAdABBAEcAVQBBAEMAZwBCAEoAQQBHAFkAQQBJAEEAQQBvAEEAQwAwAEEAYgBnAEIAdgBBAEgAUQBBAEkAQQBBAGsAQQBEADgAQQBLAFEAQQBnAEEASABzAEEASQBBAEIASgBBAEcAWQBBAEkAQQBBAG8AQQBFAGMAQQBaAFEAQgAwAEEAQwAwAEEAVgBnAEIAaABBAEgASQBBAGEAUQBCAGgAQQBHAEkAQQBiAEEAQgBsAEEAQwBBAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBBAHQAQQBFAFUAQQBjAGcAQgB5AEEARwA4AEEAYwBnAEIAQgBBAEcATQBBAGQAQQBCAHAAQQBHADgAQQBiAGcAQQBnAEEARgBNAEEAYQBRAEIAcwBBAEcAVQBBAGIAZwBCADAAQQBHAHcAQQBlAFEAQgBEAEEARwA4AEEAYgBnAEIAMABBAEcAawBBAGIAZwBCADEAQQBHAFUAQQBLAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBKAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEgAMABBAEkAQQBCAEYAQQBHAHcAQQBjAHcAQgBsAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQB4AEEAQwBBAEEAZgBRAEEAZwBBAEgAMABBAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2541 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a12bfb59-9eff-49fe-95a9-fe9752f542b0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGMAQQBOAFEAQQB6AEEAQwA0AEEATgBRAEEAMgBBAEMAMABBAE4AUQBBADQAQQBEAGcAQQBPAFEAQQAwAEEARABJAEEATQBnAEEANQBBAEQASQBBAE0AdwBBADQAQQBEAGsAQQBNAFEAQQBuAEEAQQBvAEEAVgB3AEIAeQBBAEcAawBBAGQAQQBCAGwAQQBDADAAQQBUAHcAQgAxAEEASABRAEEAYwBBAEIAMQBBAEgAUQBBAEkAQQBBAHQAQQBFAGsAQQBiAGcAQgB3AEEASABVAEEAZABBAEIAUABBAEcASQBBAGEAZwBCAGwAQQBHAE0AQQBkAEEAQQBnAEEAQwBRAEEAZABBAEIAdABBAEgAQQBBAEwAZwBCAEcAQQBIAFUAQQBiAEEAQgBzAEEARQA0AEEAWQBRAEIAdABBAEcAVQBBAEMAZwBCAEoAQQBHAFkAQQBJAEEAQQBvAEEAQwAwAEEAYgBnAEIAdgBBAEgAUQBBAEkAQQBBAGsAQQBEADgAQQBLAFEAQQBnAEEASABzAEEASQBBAEIASgBBAEcAWQBBAEkAQQBBAG8AQQBFAGMAQQBaAFEAQgAwAEEAQwAwAEEAVgBnAEIAaABBAEgASQBBAGEAUQBCAGgAQQBHAEkAQQBiAEEAQgBsAEEAQwBBAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBBAHQAQQBFAFUAQQBjAGcAQgB5AEEARwA4AEEAYwBnAEIAQgBBAEcATQBBAGQAQQBCAHAAQQBHADgAQQBiAGcAQQBnAEEARgBNAEEAYQBRAEIAcwBBAEcAVQBBAGIAZwBCADAAQQBHAHcAQQBlAFEAQgBEAEEARwA4AEEAYgBnAEIAMABBAEcAawBBAGIAZwBCADEAQQBHAFUAQQBLAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBKAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEgAMABBAEkAQQBCAEYAQQBHAHcAQQBjAHcAQgBsAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQB4AEEAQwBBAEEAZgBRAEEAZwBBAEgAMABBAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2540 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a12bfb59-9eff-49fe-95a9-fe9752f542b0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGMAQQBOAFEAQQB6AEEAQwA0AEEATgBRAEEAMgBBAEMAMABBAE4AUQBBADQAQQBEAGcAQQBPAFEAQQAwAEEARABJAEEATQBnAEEANQBBAEQASQBBAE0AdwBBADQAQQBEAGsAQQBNAFEAQQBuAEEAQQBvAEEAVgB3AEIAeQBBAEcAawBBAGQAQQBCAGwAQQBDADAAQQBUAHcAQgAxAEEASABRAEEAYwBBAEIAMQBBAEgAUQBBAEkAQQBBAHQAQQBFAGsAQQBiAGcAQgB3AEEASABVAEEAZABBAEIAUABBAEcASQBBAGEAZwBCAGwAQQBHAE0AQQBkAEEAQQBnAEEAQwBRAEEAZABBAEIAdABBAEgAQQBBAEwAZwBCAEcAQQBIAFUAQQBiAEEAQgBzAEEARQA0AEEAWQBRAEIAdABBAEcAVQBBAEMAZwBCAEoAQQBHAFkAQQBJAEEAQQBvAEEAQwAwAEEAYgBnAEIAdgBBAEgAUQBBAEkAQQBBAGsAQQBEADgAQQBLAFEAQQBnAEEASABzAEEASQBBAEIASgBBAEcAWQBBAEkAQQBBAG8AQQBFAGMAQQBaAFEAQgAwAEEAQwAwAEEAVgBnAEIAaABBAEgASQBBAGEAUQBCAGgAQQBHAEkAQQBiAEEAQgBsAEEAQwBBAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBBAHQAQQBFAFUAQQBjAGcAQgB5AEEARwA4AEEAYwBnAEIAQgBBAEcATQBBAGQAQQBCAHAAQQBHADgAQQBiAGcAQQBnAEEARgBNAEEAYQBRAEIAcwBBAEcAVQBBAGIAZwBCADAAQQBHAHcAQQBlAFEAQgBEAEEARwA4AEEAYgBnAEIAMABBAEcAawBBAGIAZwBCADEAQQBHAFUAQQBLAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBKAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEgAMABBAEkAQQBCAEYAQQBHAHcAQQBjAHcAQgBsAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQB4AEEAQwBBAEEAZgBRAEEAZwBBAEgAMABBAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2539 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a12bfb59-9eff-49fe-95a9-fe9752f542b0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAGMAQQBOAFEAQQB6AEEAQwA0AEEATgBRAEEAMgBBAEMAMABBAE4AUQBBADQAQQBEAGcAQQBPAFEAQQAwAEEARABJAEEATQBnAEEANQBBAEQASQBBAE0AdwBBADQAQQBEAGsAQQBNAFEAQQBuAEEAQQBvAEEAVgB3AEIAeQBBAEcAawBBAGQAQQBCAGwAQQBDADAAQQBUAHcAQgAxAEEASABRAEEAYwBBAEIAMQBBAEgAUQBBAEkAQQBBAHQAQQBFAGsAQQBiAGcAQgB3AEEASABVAEEAZABBAEIAUABBAEcASQBBAGEAZwBCAGwAQQBHAE0AQQBkAEEAQQBnAEEAQwBRAEEAZABBAEIAdABBAEgAQQBBAEwAZwBCAEcAQQBIAFUAQQBiAEEAQgBzAEEARQA0AEEAWQBRAEIAdABBAEcAVQBBAEMAZwBCAEoAQQBHAFkAQQBJAEEAQQBvAEEAQwAwAEEAYgBnAEIAdgBBAEgAUQBBAEkAQQBBAGsAQQBEADgAQQBLAFEAQQBnAEEASABzAEEASQBBAEIASgBBAEcAWQBBAEkAQQBBAG8AQQBFAGMAQQBaAFEAQgAwAEEAQwAwAEEAVgBnAEIAaABBAEgASQBBAGEAUQBCAGgAQQBHAEkAQQBiAEEAQgBsAEEAQwBBAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBBAHQAQQBFAFUAQQBjAGcAQgB5AEEARwA4AEEAYwBnAEIAQgBBAEcATQBBAGQAQQBCAHAAQQBHADgAQQBiAGcAQQBnAEEARgBNAEEAYQBRAEIAcwBBAEcAVQBBAGIAZwBCADAAQQBHAHcAQQBlAFEAQgBEAEEARwA4AEEAYgBnAEIAMABBAEcAawBBAGIAZwBCADEAQQBHAFUAQQBLAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBKAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEgAMABBAEkAQQBCAEYAQQBHAHcAQQBjAHcAQgBsAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQB4AEEAQwBBAEEAZgBRAEEAZwBBAEgAMABBAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2538 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1d2960ac-51cf-4a23-8716-2d91e7998b28
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b600eed6-4210-4288-b5c6-844a0ad4470f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2537 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=91b7c9f2-42d3-4456-95ce-07033abe7a52
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=87c3aee5-4aaf-4726-b739-8839438b727a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2536 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=91b7c9f2-42d3-4456-95ce-07033abe7a52
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2535 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=91b7c9f2-42d3-4456-95ce-07033abe7a52
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2534 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=91b7c9f2-42d3-4456-95ce-07033abe7a52
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2533 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=91b7c9f2-42d3-4456-95ce-07033abe7a52
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2532 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=91b7c9f2-42d3-4456-95ce-07033abe7a52
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2531 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=91b7c9f2-42d3-4456-95ce-07033abe7a52
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2530 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=91b7c9f2-42d3-4456-95ce-07033abe7a52
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2529 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=91b7c9f2-42d3-4456-95ce-07033abe7a52
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2528 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1d2960ac-51cf-4a23-8716-2d91e7998b28
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b600eed6-4210-4288-b5c6-844a0ad4470f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2527 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1d2960ac-51cf-4a23-8716-2d91e7998b28
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2526 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1d2960ac-51cf-4a23-8716-2d91e7998b28
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2525 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1d2960ac-51cf-4a23-8716-2d91e7998b28
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2524 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1d2960ac-51cf-4a23-8716-2d91e7998b28
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2523 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1d2960ac-51cf-4a23-8716-2d91e7998b28
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2522 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1d2960ac-51cf-4a23-8716-2d91e7998b28
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2521 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=af9abdcd-7b93-4ada-bb57-bc53901f8bb2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=837373c8-c74a-440b-83e7-ad15fc030452
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2520 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3927bebb-1a66-46fd-913b-00389db84b31
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AZQB0AHcAbwByAGsAaQBuAGcALQBoAHkAcABlAHIAdgA=
EngineVersion=5.1.14393.1944
RunspaceId=3e21cc67-b9df-4c6b-b06a-edb008388724
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2519 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:02:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3927bebb-1a66-46fd-913b-00389db84b31
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AZQB0AHcAbwByAGsAaQBuAGcALQBoAHkAcABlAHIAdgA=
EngineVersion=5.1.14393.1944
RunspaceId=3e21cc67-b9df-4c6b-b06a-edb008388724
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2518 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3927bebb-1a66-46fd-913b-00389db84b31
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AZQB0AHcAbwByAGsAaQBuAGcALQBoAHkAcABlAHIAdgA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2517 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3927bebb-1a66-46fd-913b-00389db84b31
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AZQB0AHcAbwByAGsAaQBuAGcALQBoAHkAcABlAHIAdgA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2516 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3927bebb-1a66-46fd-913b-00389db84b31
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AZQB0AHcAbwByAGsAaQBuAGcALQBoAHkAcABlAHIAdgA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2515 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3927bebb-1a66-46fd-913b-00389db84b31
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AZQB0AHcAbwByAGsAaQBuAGcALQBoAHkAcABlAHIAdgA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2514 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3927bebb-1a66-46fd-913b-00389db84b31
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AZQB0AHcAbwByAGsAaQBuAGcALQBoAHkAcABlAHIAdgA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2513 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3927bebb-1a66-46fd-913b-00389db84b31
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AZQB0AHcAbwByAGsAaQBuAGcALQBoAHkAcABlAHIAdgA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2512 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=594742c4-85c4-4c44-a38f-39ab20ae2f82
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=6d405292-56db-49e8-8895-fd5c6ceb8933
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 2511 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=594742c4-85c4-4c44-a38f-39ab20ae2f82
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=6d405292-56db-49e8-8895-fd5c6ceb8933
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2510 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=594742c4-85c4-4c44-a38f-39ab20ae2f82
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2509 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=594742c4-85c4-4c44-a38f-39ab20ae2f82
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2508 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=594742c4-85c4-4c44-a38f-39ab20ae2f82
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2507 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=594742c4-85c4-4c44-a38f-39ab20ae2f82
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2506 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=594742c4-85c4-4c44-a38f-39ab20ae2f82
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2505 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=594742c4-85c4-4c44-a38f-39ab20ae2f82
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2504 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=594742c4-85c4-4c44-a38f-39ab20ae2f82
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2503 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=594742c4-85c4-4c44-a38f-39ab20ae2f82
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2502 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=af9abdcd-7b93-4ada-bb57-bc53901f8bb2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=837373c8-c74a-440b-83e7-ad15fc030452
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2501 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=af9abdcd-7b93-4ada-bb57-bc53901f8bb2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2500 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=af9abdcd-7b93-4ada-bb57-bc53901f8bb2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2499 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=af9abdcd-7b93-4ada-bb57-bc53901f8bb2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2498 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=af9abdcd-7b93-4ada-bb57-bc53901f8bb2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2497 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=af9abdcd-7b93-4ada-bb57-bc53901f8bb2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2496 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=af9abdcd-7b93-4ada-bb57-bc53901f8bb2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2495 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c887201b-f759-44e9-9fd4-ee238b8423c0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=164c5a88-b7df-407d-b72b-099d8754161c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2494 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=cacb0ff9-d132-4993-93b7-a8680f928fcc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=8f8011b5-b9d8-408e-ac33-864fa2a7e693
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2493 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=cacb0ff9-d132-4993-93b7-a8680f928fcc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2492 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=cacb0ff9-d132-4993-93b7-a8680f928fcc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2491 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=cacb0ff9-d132-4993-93b7-a8680f928fcc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2490 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=cacb0ff9-d132-4993-93b7-a8680f928fcc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2489 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=cacb0ff9-d132-4993-93b7-a8680f928fcc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2488 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=cacb0ff9-d132-4993-93b7-a8680f928fcc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2487 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=cacb0ff9-d132-4993-93b7-a8680f928fcc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2486 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=cacb0ff9-d132-4993-93b7-a8680f928fcc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2485 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c887201b-f759-44e9-9fd4-ee238b8423c0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=164c5a88-b7df-407d-b72b-099d8754161c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2484 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c887201b-f759-44e9-9fd4-ee238b8423c0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2483 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c887201b-f759-44e9-9fd4-ee238b8423c0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2482 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c887201b-f759-44e9-9fd4-ee238b8423c0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2481 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c887201b-f759-44e9-9fd4-ee238b8423c0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2480 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c887201b-f759-44e9-9fd4-ee238b8423c0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2479 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c887201b-f759-44e9-9fd4-ee238b8423c0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2478 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f4904543-c3ab-49ce-91e4-be823b8e729a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=05dfdb42-7d12-4f3f-a48c-12a2a3e90845
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2477 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2f734582-d66b-49e0-86b6-134e129ac042
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAGUAdAB3AG8AcgBrAGkAbgBnAC0AaAB5AHAAZQByAHYAXABcAHMAZQB0AHUAcAAuAGMAZgBnACAALQBwAGEAdAB0AGUAcgBuACAAIgBeAG4AYQBtAGUALgAqAD0ALgAqACIAIAB8ACAAJQAgAHsAJABfAC4AbQBhAHQAYwBoAGUAcwAuAHYAYQBsAHUAZQAuAHMAcABsAGkAdAAoACIAPQAiACkAWwAxAF0ALgB0AHIAaQBtACgAKQB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=8570fe64-748c-4af8-87fe-f0c8ed0e39c2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2476 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2f734582-d66b-49e0-86b6-134e129ac042
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAGUAdAB3AG8AcgBrAGkAbgBnAC0AaAB5AHAAZQByAHYAXABcAHMAZQB0AHUAcAAuAGMAZgBnACAALQBwAGEAdAB0AGUAcgBuACAAIgBeAG4AYQBtAGUALgAqAD0ALgAqACIAIAB8ACAAJQAgAHsAJABfAC4AbQBhAHQAYwBoAGUAcwAuAHYAYQBsAHUAZQAuAHMAcABsAGkAdAAoACIAPQAiACkAWwAxAF0ALgB0AHIAaQBtACgAKQB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=8570fe64-748c-4af8-87fe-f0c8ed0e39c2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2475 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2f734582-d66b-49e0-86b6-134e129ac042
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAGUAdAB3AG8AcgBrAGkAbgBnAC0AaAB5AHAAZQByAHYAXABcAHMAZQB0AHUAcAAuAGMAZgBnACAALQBwAGEAdAB0AGUAcgBuACAAIgBeAG4AYQBtAGUALgAqAD0ALgAqACIAIAB8ACAAJQAgAHsAJABfAC4AbQBhAHQAYwBoAGUAcwAuAHYAYQBsAHUAZQAuAHMAcABsAGkAdAAoACIAPQAiACkAWwAxAF0ALgB0AHIAaQBtACgAKQB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2474 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2f734582-d66b-49e0-86b6-134e129ac042
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAGUAdAB3AG8AcgBrAGkAbgBnAC0AaAB5AHAAZQByAHYAXABcAHMAZQB0AHUAcAAuAGMAZgBnACAALQBwAGEAdAB0AGUAcgBuACAAIgBeAG4AYQBtAGUALgAqAD0ALgAqACIAIAB8ACAAJQAgAHsAJABfAC4AbQBhAHQAYwBoAGUAcwAuAHYAYQBsAHUAZQAuAHMAcABsAGkAdAAoACIAPQAiACkAWwAxAF0ALgB0AHIAaQBtACgAKQB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2473 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2f734582-d66b-49e0-86b6-134e129ac042
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAGUAdAB3AG8AcgBrAGkAbgBnAC0AaAB5AHAAZQByAHYAXABcAHMAZQB0AHUAcAAuAGMAZgBnACAALQBwAGEAdAB0AGUAcgBuACAAIgBeAG4AYQBtAGUALgAqAD0ALgAqACIAIAB8ACAAJQAgAHsAJABfAC4AbQBhAHQAYwBoAGUAcwAuAHYAYQBsAHUAZQAuAHMAcABsAGkAdAAoACIAPQAiACkAWwAxAF0ALgB0AHIAaQBtACgAKQB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2472 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2f734582-d66b-49e0-86b6-134e129ac042
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAGUAdAB3AG8AcgBrAGkAbgBnAC0AaAB5AHAAZQByAHYAXABcAHMAZQB0AHUAcAAuAGMAZgBnACAALQBwAGEAdAB0AGUAcgBuACAAIgBeAG4AYQBtAGUALgAqAD0ALgAqACIAIAB8ACAAJQAgAHsAJABfAC4AbQBhAHQAYwBoAGUAcwAuAHYAYQBsAHUAZQAuAHMAcABsAGkAdAAoACIAPQAiACkAWwAxAF0ALgB0AHIAaQBtACgAKQB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2471 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2f734582-d66b-49e0-86b6-134e129ac042
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAGUAdAB3AG8AcgBrAGkAbgBnAC0AaAB5AHAAZQByAHYAXABcAHMAZQB0AHUAcAAuAGMAZgBnACAALQBwAGEAdAB0AGUAcgBuACAAIgBeAG4AYQBtAGUALgAqAD0ALgAqACIAIAB8ACAAJQAgAHsAJABfAC4AbQBhAHQAYwBoAGUAcwAuAHYAYQBsAHUAZQAuAHMAcABsAGkAdAAoACIAPQAiACkAWwAxAF0ALgB0AHIAaQBtACgAKQB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2470 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2f734582-d66b-49e0-86b6-134e129ac042
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAGUAdAB3AG8AcgBrAGkAbgBnAC0AaAB5AHAAZQByAHYAXABcAHMAZQB0AHUAcAAuAGMAZgBnACAALQBwAGEAdAB0AGUAcgBuACAAIgBeAG4AYQBtAGUALgAqAD0ALgAqACIAIAB8ACAAJQAgAHsAJABfAC4AbQBhAHQAYwBoAGUAcwAuAHYAYQBsAHUAZQAuAHMAcABsAGkAdAAoACIAPQAiACkAWwAxAF0ALgB0AHIAaQBtACgAKQB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2469 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=c4689e53-4f6b-4681-aa2d-da102151ae5a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=44721b83-daf7-4be4-9b73-8d5b071073d0
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 2468 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=c4689e53-4f6b-4681-aa2d-da102151ae5a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=44721b83-daf7-4be4-9b73-8d5b071073d0
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2467 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=c4689e53-4f6b-4681-aa2d-da102151ae5a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2466 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=c4689e53-4f6b-4681-aa2d-da102151ae5a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2465 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=c4689e53-4f6b-4681-aa2d-da102151ae5a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2464 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=c4689e53-4f6b-4681-aa2d-da102151ae5a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2463 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=c4689e53-4f6b-4681-aa2d-da102151ae5a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2462 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=c4689e53-4f6b-4681-aa2d-da102151ae5a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2461 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=c4689e53-4f6b-4681-aa2d-da102151ae5a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2460 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=c4689e53-4f6b-4681-aa2d-da102151ae5a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2459 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f4904543-c3ab-49ce-91e4-be823b8e729a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=05dfdb42-7d12-4f3f-a48c-12a2a3e90845
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2458 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f4904543-c3ab-49ce-91e4-be823b8e729a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2457 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f4904543-c3ab-49ce-91e4-be823b8e729a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2456 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f4904543-c3ab-49ce-91e4-be823b8e729a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2455 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f4904543-c3ab-49ce-91e4-be823b8e729a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2454 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:10 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f4904543-c3ab-49ce-91e4-be823b8e729a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2453 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:10 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f4904543-c3ab-49ce-91e4-be823b8e729a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2452 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:10 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=06977172-daa7-4b1b-8025-e3c789ebf25d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAyAEEARABZAEEATgBnAEEAdQBBAEQAZwBBAE0AUQBBAHQAQQBEAEkAQQBNAFEAQQA1AEEARABZAEEATgBBAEEAeABBAEQAQQBBAE0AZwBBAHkAQQBEAGsAQQBPAFEAQQA0AEEARABnAEEATgB3AEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=5.1.14393.1944
RunspaceId=6ccef090-ce52-40af-acc2-732390d9a2c6
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2451 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:10 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bcadae71-0562-4653-bce9-31c3842eb972
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADYANgAuADgAMQAtADIAMQA5ADYANAAxADAAMgAyADkAOQA4ADgANwAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=799a28e0-6ddb-4d45-9d52-3555871f3f78
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2450 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:10 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bcadae71-0562-4653-bce9-31c3842eb972
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADYANgAuADgAMQAtADIAMQA5ADYANAAxADAAMgAyADkAOQA4ADgANwAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=799a28e0-6ddb-4d45-9d52-3555871f3f78
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2449 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bcadae71-0562-4653-bce9-31c3842eb972
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADYANgAuADgAMQAtADIAMQA5ADYANAAxADAAMgAyADkAOQA4ADgANwAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2448 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bcadae71-0562-4653-bce9-31c3842eb972
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADYANgAuADgAMQAtADIAMQA5ADYANAAxADAAMgAyADkAOQA4ADgANwAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2447 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bcadae71-0562-4653-bce9-31c3842eb972
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADYANgAuADgAMQAtADIAMQA5ADYANAAxADAAMgAyADkAOQA4ADgANwAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2446 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bcadae71-0562-4653-bce9-31c3842eb972
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADYANgAuADgAMQAtADIAMQA5ADYANAAxADAAMgAyADkAOQA4ADgANwAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2445 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bcadae71-0562-4653-bce9-31c3842eb972
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADYANgAuADgAMQAtADIAMQA5ADYANAAxADAAMgAyADkAOQA4ADgANwAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2444 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bcadae71-0562-4653-bce9-31c3842eb972
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADYANgAuADgAMQAtADIAMQA5ADYANAAxADAAMgAyADkAOQA4ADgANwAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2443 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=06977172-daa7-4b1b-8025-e3c789ebf25d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAyAEEARABZAEEATgBnAEEAdQBBAEQAZwBBAE0AUQBBAHQAQQBEAEkAQQBNAFEAQQA1AEEARABZAEEATgBBAEEAeABBAEQAQQBBAE0AZwBBAHkAQQBEAGsAQQBPAFEAQQA0AEEARABnAEEATgB3AEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=5.1.14393.1944
RunspaceId=6ccef090-ce52-40af-acc2-732390d9a2c6
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2442 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=06977172-daa7-4b1b-8025-e3c789ebf25d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAyAEEARABZAEEATgBnAEEAdQBBAEQAZwBBAE0AUQBBAHQAQQBEAEkAQQBNAFEAQQA1AEEARABZAEEATgBBAEEAeABBAEQAQQBBAE0AZwBBAHkAQQBEAGsAQQBPAFEAQQA0AEEARABnAEEATgB3AEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2441 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=06977172-daa7-4b1b-8025-e3c789ebf25d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAyAEEARABZAEEATgBnAEEAdQBBAEQAZwBBAE0AUQBBAHQAQQBEAEkAQQBNAFEAQQA1AEEARABZAEEATgBBAEEAeABBAEQAQQBBAE0AZwBBAHkAQQBEAGsAQQBPAFEAQQA0AEEARABnAEEATgB3AEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2440 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=06977172-daa7-4b1b-8025-e3c789ebf25d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAyAEEARABZAEEATgBnAEEAdQBBAEQAZwBBAE0AUQBBAHQAQQBEAEkAQQBNAFEAQQA1AEEARABZAEEATgBBAEEAeABBAEQAQQBBAE0AZwBBAHkAQQBEAGsAQQBPAFEAQQA0AEEARABnAEEATgB3AEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2439 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=06977172-daa7-4b1b-8025-e3c789ebf25d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAyAEEARABZAEEATgBnAEEAdQBBAEQAZwBBAE0AUQBBAHQAQQBEAEkAQQBNAFEAQQA1AEEARABZAEEATgBBAEEAeABBAEQAQQBBAE0AZwBBAHkAQQBEAGsAQQBPAFEAQQA0AEEARABnAEEATgB3AEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2438 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=06977172-daa7-4b1b-8025-e3c789ebf25d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAyAEEARABZAEEATgBnAEEAdQBBAEQAZwBBAE0AUQBBAHQAQQBEAEkAQQBNAFEAQQA1AEEARABZAEEATgBBAEEAeABBAEQAQQBBAE0AZwBBAHkAQQBEAGsAQQBPAFEAQQA0AEEARABnAEEATgB3AEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2437 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=06977172-daa7-4b1b-8025-e3c789ebf25d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAyAEEARABZAEEATgBnAEEAdQBBAEQAZwBBAE0AUQBBAHQAQQBEAEkAQQBNAFEAQQA1AEEARABZAEEATgBBAEEAeABBAEQAQQBBAE0AZwBBAHkAQQBEAGsAQQBPAFEAQQA0AEEARABnAEEATgB3AEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2436 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8a8284e8-1ef6-4b66-aac5-9f2fa9e928df
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=2607fce8-6fd5-4516-a5b9-d6f0f757085c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2435 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fdb6ba14-0cd5-487d-927a-08c6961ed5a6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f827f21b-9738-472b-900b-1f05fb36c458
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2434 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fdb6ba14-0cd5-487d-927a-08c6961ed5a6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2433 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fdb6ba14-0cd5-487d-927a-08c6961ed5a6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2432 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fdb6ba14-0cd5-487d-927a-08c6961ed5a6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2431 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fdb6ba14-0cd5-487d-927a-08c6961ed5a6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2430 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fdb6ba14-0cd5-487d-927a-08c6961ed5a6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2429 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fdb6ba14-0cd5-487d-927a-08c6961ed5a6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2428 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fdb6ba14-0cd5-487d-927a-08c6961ed5a6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2427 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fdb6ba14-0cd5-487d-927a-08c6961ed5a6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2426 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8a8284e8-1ef6-4b66-aac5-9f2fa9e928df
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=2607fce8-6fd5-4516-a5b9-d6f0f757085c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2425 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8a8284e8-1ef6-4b66-aac5-9f2fa9e928df
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2424 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8a8284e8-1ef6-4b66-aac5-9f2fa9e928df
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2423 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8a8284e8-1ef6-4b66-aac5-9f2fa9e928df
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2422 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8a8284e8-1ef6-4b66-aac5-9f2fa9e928df
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2421 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8a8284e8-1ef6-4b66-aac5-9f2fa9e928df
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2420 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8a8284e8-1ef6-4b66-aac5-9f2fa9e928df
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2419 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=04af28f0-a3da-47b4-810a-ed2b368a114c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADYANgAuADgAMQAtADIAMQA5ADYANAAxADAAMgAyADkAOQA4ADgANwBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=5.1.14393.1944
RunspaceId=5ce96350-9dff-4eca-81b4-566576d8635e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2418 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=04af28f0-a3da-47b4-810a-ed2b368a114c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADYANgAuADgAMQAtADIAMQA5ADYANAAxADAAMgAyADkAOQA4ADgANwBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=5.1.14393.1944
RunspaceId=5ce96350-9dff-4eca-81b4-566576d8635e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2417 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=04af28f0-a3da-47b4-810a-ed2b368a114c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADYANgAuADgAMQAtADIAMQA5ADYANAAxADAAMgAyADkAOQA4ADgANwBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2416 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=04af28f0-a3da-47b4-810a-ed2b368a114c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADYANgAuADgAMQAtADIAMQA5ADYANAAxADAAMgAyADkAOQA4ADgANwBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2415 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=04af28f0-a3da-47b4-810a-ed2b368a114c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADYANgAuADgAMQAtADIAMQA5ADYANAAxADAAMgAyADkAOQA4ADgANwBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2414 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=04af28f0-a3da-47b4-810a-ed2b368a114c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADYANgAuADgAMQAtADIAMQA5ADYANAAxADAAMgAyADkAOQA4ADgANwBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2413 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=04af28f0-a3da-47b4-810a-ed2b368a114c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADYANgAuADgAMQAtADIAMQA5ADYANAAxADAAMgAyADkAOQA4ADgANwBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2412 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=04af28f0-a3da-47b4-810a-ed2b368a114c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADYANgAuADgAMQAtADIAMQA5ADYANAAxADAAMgAyADkAOQA4ADgANwBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2411 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a50af968-b28c-4920-a450-78bcca776fac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFkAQQBOAGcAQQAyAEEAQwA0AEEATwBBAEEAeABBAEMAMABBAE0AZwBBAHgAQQBEAGsAQQBOAGcAQQAwAEEARABFAEEATQBBAEEAeQBBAEQASQBBAE8AUQBBADUAQQBEAGcAQQBPAEEAQQAzAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=5.1.14393.1944
RunspaceId=c501ed17-cb6e-47c2-b851-3649b429f7cd
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2410 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e6e3d9ce-abb5-41eb-b5a8-3d8ac0278f3e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADYANgA2AC4AOAAxAC0AMgAxADkANgA0ADEAMAAyADIAOQA5ADgAOAA3ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=d5c109e2-0154-425d-9923-0d86e24aa812
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2409 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e6e3d9ce-abb5-41eb-b5a8-3d8ac0278f3e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADYANgA2AC4AOAAxAC0AMgAxADkANgA0ADEAMAAyADIAOQA5ADgAOAA3ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=d5c109e2-0154-425d-9923-0d86e24aa812
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2408 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e6e3d9ce-abb5-41eb-b5a8-3d8ac0278f3e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADYANgA2AC4AOAAxAC0AMgAxADkANgA0ADEAMAAyADIAOQA5ADgAOAA3ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2407 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e6e3d9ce-abb5-41eb-b5a8-3d8ac0278f3e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADYANgA2AC4AOAAxAC0AMgAxADkANgA0ADEAMAAyADIAOQA5ADgAOAA3ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2406 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e6e3d9ce-abb5-41eb-b5a8-3d8ac0278f3e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADYANgA2AC4AOAAxAC0AMgAxADkANgA0ADEAMAAyADIAOQA5ADgAOAA3ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2405 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e6e3d9ce-abb5-41eb-b5a8-3d8ac0278f3e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADYANgA2AC4AOAAxAC0AMgAxADkANgA0ADEAMAAyADIAOQA5ADgAOAA3ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2404 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e6e3d9ce-abb5-41eb-b5a8-3d8ac0278f3e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADYANgA2AC4AOAAxAC0AMgAxADkANgA0ADEAMAAyADIAOQA5ADgAOAA3ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2403 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e6e3d9ce-abb5-41eb-b5a8-3d8ac0278f3e
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADYANgA2AC4AOAAxAC0AMgAxADkANgA0ADEAMAAyADIAOQA5ADgAOAA3ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2402 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a50af968-b28c-4920-a450-78bcca776fac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFkAQQBOAGcAQQAyAEEAQwA0AEEATwBBAEEAeABBAEMAMABBAE0AZwBBAHgAQQBEAGsAQQBOAGcAQQAwAEEARABFAEEATQBBAEEAeQBBAEQASQBBAE8AUQBBADUAQQBEAGcAQQBPAEEAQQAzAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=5.1.14393.1944
RunspaceId=c501ed17-cb6e-47c2-b851-3649b429f7cd
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2401 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a50af968-b28c-4920-a450-78bcca776fac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFkAQQBOAGcAQQAyAEEAQwA0AEEATwBBAEEAeABBAEMAMABBAE0AZwBBAHgAQQBEAGsAQQBOAGcAQQAwAEEARABFAEEATQBBAEEAeQBBAEQASQBBAE8AUQBBADUAQQBEAGcAQQBPAEEAQQAzAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2400 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a50af968-b28c-4920-a450-78bcca776fac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFkAQQBOAGcAQQAyAEEAQwA0AEEATwBBAEEAeABBAEMAMABBAE0AZwBBAHgAQQBEAGsAQQBOAGcAQQAwAEEARABFAEEATQBBAEEAeQBBAEQASQBBAE8AUQBBADUAQQBEAGcAQQBPAEEAQQAzAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2399 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a50af968-b28c-4920-a450-78bcca776fac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFkAQQBOAGcAQQAyAEEAQwA0AEEATwBBAEEAeABBAEMAMABBAE0AZwBBAHgAQQBEAGsAQQBOAGcAQQAwAEEARABFAEEATQBBAEEAeQBBAEQASQBBAE8AUQBBADUAQQBEAGcAQQBPAEEAQQAzAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2398 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a50af968-b28c-4920-a450-78bcca776fac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFkAQQBOAGcAQQAyAEEAQwA0AEEATwBBAEEAeABBAEMAMABBAE0AZwBBAHgAQQBEAGsAQQBOAGcAQQAwAEEARABFAEEATQBBAEEAeQBBAEQASQBBAE8AUQBBADUAQQBEAGcAQQBPAEEAQQAzAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2397 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a50af968-b28c-4920-a450-78bcca776fac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFkAQQBOAGcAQQAyAEEAQwA0AEEATwBBAEEAeABBAEMAMABBAE0AZwBBAHgAQQBEAGsAQQBOAGcAQQAwAEEARABFAEEATQBBAEEAeQBBAEQASQBBAE8AUQBBADUAQQBEAGcAQQBPAEEAQQAzAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2396 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a50af968-b28c-4920-a450-78bcca776fac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFkAQQBOAGcAQQAyAEEAQwA0AEEATwBBAEEAeABBAEMAMABBAE0AZwBBAHgAQQBEAGsAQQBOAGcAQQAwAEEARABFAEEATQBBAEEAeQBBAEQASQBBAE8AUQBBADUAQQBEAGcAQQBPAEEAQQAzAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2395 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4f6512d3-1615-4fe2-97a8-a58fa274ef9c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d776b7de-3657-4d6b-8cf5-a4e795bc0816
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2394 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4ca07eb1-507c-493e-bfc5-c7337f99ac93
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d9bbe047-3557-46ec-b495-64fd9eb67a33
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2393 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4ca07eb1-507c-493e-bfc5-c7337f99ac93
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2392 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4ca07eb1-507c-493e-bfc5-c7337f99ac93
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2391 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4ca07eb1-507c-493e-bfc5-c7337f99ac93
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2390 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4ca07eb1-507c-493e-bfc5-c7337f99ac93
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2389 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4ca07eb1-507c-493e-bfc5-c7337f99ac93
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2388 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4ca07eb1-507c-493e-bfc5-c7337f99ac93
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2387 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4ca07eb1-507c-493e-bfc5-c7337f99ac93
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2386 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4ca07eb1-507c-493e-bfc5-c7337f99ac93
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2385 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4f6512d3-1615-4fe2-97a8-a58fa274ef9c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d776b7de-3657-4d6b-8cf5-a4e795bc0816
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2384 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4f6512d3-1615-4fe2-97a8-a58fa274ef9c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2383 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4f6512d3-1615-4fe2-97a8-a58fa274ef9c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2382 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4f6512d3-1615-4fe2-97a8-a58fa274ef9c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2381 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4f6512d3-1615-4fe2-97a8-a58fa274ef9c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2380 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4f6512d3-1615-4fe2-97a8-a58fa274ef9c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2379 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4f6512d3-1615-4fe2-97a8-a58fa274ef9c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2378 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=47002c83-167e-4105-8890-5612a9aa5ad7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=2fb15b5d-b035-4ca0-b74e-5e777fbf2eef
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2377 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a8c90f85-fe1e-44f8-a4f3-33f23d75793b
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAGMAbwBtAHAAdQB0AGUALQBoAHkAcABlAHIAdgA=
EngineVersion=5.1.14393.1944
RunspaceId=420f3003-dc0a-4497-8132-ab8790fe83c8
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2376 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:01:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a8c90f85-fe1e-44f8-a4f3-33f23d75793b
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAGMAbwBtAHAAdQB0AGUALQBoAHkAcABlAHIAdgA=
EngineVersion=5.1.14393.1944
RunspaceId=420f3003-dc0a-4497-8132-ab8790fe83c8
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2375 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a8c90f85-fe1e-44f8-a4f3-33f23d75793b
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAGMAbwBtAHAAdQB0AGUALQBoAHkAcABlAHIAdgA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2374 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a8c90f85-fe1e-44f8-a4f3-33f23d75793b
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAGMAbwBtAHAAdQB0AGUALQBoAHkAcABlAHIAdgA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2373 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a8c90f85-fe1e-44f8-a4f3-33f23d75793b
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAGMAbwBtAHAAdQB0AGUALQBoAHkAcABlAHIAdgA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2372 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a8c90f85-fe1e-44f8-a4f3-33f23d75793b
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAGMAbwBtAHAAdQB0AGUALQBoAHkAcABlAHIAdgA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2371 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a8c90f85-fe1e-44f8-a4f3-33f23d75793b
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAGMAbwBtAHAAdQB0AGUALQBoAHkAcABlAHIAdgA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2370 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a8c90f85-fe1e-44f8-a4f3-33f23d75793b
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAGMAbwBtAHAAdQB0AGUALQBoAHkAcABlAHIAdgA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2369 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=60142d8e-2a64-42e6-b837-cd0537ed2cb3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=10357f67-0e9b-41ff-a68c-39e61a7d05d5
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 2368 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=60142d8e-2a64-42e6-b837-cd0537ed2cb3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=10357f67-0e9b-41ff-a68c-39e61a7d05d5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2367 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=60142d8e-2a64-42e6-b837-cd0537ed2cb3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2366 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=60142d8e-2a64-42e6-b837-cd0537ed2cb3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2365 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=60142d8e-2a64-42e6-b837-cd0537ed2cb3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2364 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=60142d8e-2a64-42e6-b837-cd0537ed2cb3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2363 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=60142d8e-2a64-42e6-b837-cd0537ed2cb3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2362 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=60142d8e-2a64-42e6-b837-cd0537ed2cb3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2361 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=60142d8e-2a64-42e6-b837-cd0537ed2cb3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2360 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=60142d8e-2a64-42e6-b837-cd0537ed2cb3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2359 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=47002c83-167e-4105-8890-5612a9aa5ad7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=2fb15b5d-b035-4ca0-b74e-5e777fbf2eef
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2358 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=47002c83-167e-4105-8890-5612a9aa5ad7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2357 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=47002c83-167e-4105-8890-5612a9aa5ad7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2356 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=47002c83-167e-4105-8890-5612a9aa5ad7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2355 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=47002c83-167e-4105-8890-5612a9aa5ad7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2354 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=47002c83-167e-4105-8890-5612a9aa5ad7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2353 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=47002c83-167e-4105-8890-5612a9aa5ad7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2352 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=304c2e72-b32e-4ad2-8224-a25a29c6503e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b8aebb53-9e7d-4d61-bc88-604de2c86a08
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2351 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=301a77ff-2dfc-410d-9f46-d5ec4f94a559
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=6520ecfe-ba4a-4ea1-a5c0-40d1ac965094
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2350 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=301a77ff-2dfc-410d-9f46-d5ec4f94a559
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2349 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=301a77ff-2dfc-410d-9f46-d5ec4f94a559
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2348 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=301a77ff-2dfc-410d-9f46-d5ec4f94a559
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2347 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=301a77ff-2dfc-410d-9f46-d5ec4f94a559
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2346 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=301a77ff-2dfc-410d-9f46-d5ec4f94a559
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2345 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=301a77ff-2dfc-410d-9f46-d5ec4f94a559
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2344 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=301a77ff-2dfc-410d-9f46-d5ec4f94a559
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2343 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=301a77ff-2dfc-410d-9f46-d5ec4f94a559
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2342 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=304c2e72-b32e-4ad2-8224-a25a29c6503e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b8aebb53-9e7d-4d61-bc88-604de2c86a08
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2341 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=304c2e72-b32e-4ad2-8224-a25a29c6503e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2340 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=304c2e72-b32e-4ad2-8224-a25a29c6503e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2339 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=304c2e72-b32e-4ad2-8224-a25a29c6503e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2338 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=304c2e72-b32e-4ad2-8224-a25a29c6503e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2337 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=304c2e72-b32e-4ad2-8224-a25a29c6503e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2336 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=304c2e72-b32e-4ad2-8224-a25a29c6503e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2335 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7d2760b9-c07e-4c13-864f-36284d7bdf48
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=6f6a41e5-c2d4-4062-af9a-2a1a4e086fc4
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2334 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0dc2fc11-e628-4f5c-a86c-afeecdde401e
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABjAG8AbQBwAHUAdABlAC0AaAB5AHAAZQByAHYAXABcAHMAZQB0AHUAcAAuAGMAZgBnACAALQBwAGEAdAB0AGUAcgBuACAAIgBeAG4AYQBtAGUALgAqAD0ALgAqACIAIAB8ACAAJQAgAHsAJABfAC4AbQBhAHQAYwBoAGUAcwAuAHYAYQBsAHUAZQAuAHMAcABsAGkAdAAoACIAPQAiACkAWwAxAF0ALgB0AHIAaQBtACgAKQB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=87f2f43f-5be5-48b7-8c01-1a47b6324ec8
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2333 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0dc2fc11-e628-4f5c-a86c-afeecdde401e
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABjAG8AbQBwAHUAdABlAC0AaAB5AHAAZQByAHYAXABcAHMAZQB0AHUAcAAuAGMAZgBnACAALQBwAGEAdAB0AGUAcgBuACAAIgBeAG4AYQBtAGUALgAqAD0ALgAqACIAIAB8ACAAJQAgAHsAJABfAC4AbQBhAHQAYwBoAGUAcwAuAHYAYQBsAHUAZQAuAHMAcABsAGkAdAAoACIAPQAiACkAWwAxAF0ALgB0AHIAaQBtACgAKQB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=87f2f43f-5be5-48b7-8c01-1a47b6324ec8
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2332 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0dc2fc11-e628-4f5c-a86c-afeecdde401e
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABjAG8AbQBwAHUAdABlAC0AaAB5AHAAZQByAHYAXABcAHMAZQB0AHUAcAAuAGMAZgBnACAALQBwAGEAdAB0AGUAcgBuACAAIgBeAG4AYQBtAGUALgAqAD0ALgAqACIAIAB8ACAAJQAgAHsAJABfAC4AbQBhAHQAYwBoAGUAcwAuAHYAYQBsAHUAZQAuAHMAcABsAGkAdAAoACIAPQAiACkAWwAxAF0ALgB0AHIAaQBtACgAKQB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2331 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0dc2fc11-e628-4f5c-a86c-afeecdde401e
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABjAG8AbQBwAHUAdABlAC0AaAB5AHAAZQByAHYAXABcAHMAZQB0AHUAcAAuAGMAZgBnACAALQBwAGEAdAB0AGUAcgBuACAAIgBeAG4AYQBtAGUALgAqAD0ALgAqACIAIAB8ACAAJQAgAHsAJABfAC4AbQBhAHQAYwBoAGUAcwAuAHYAYQBsAHUAZQAuAHMAcABsAGkAdAAoACIAPQAiACkAWwAxAF0ALgB0AHIAaQBtACgAKQB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2330 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0dc2fc11-e628-4f5c-a86c-afeecdde401e
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABjAG8AbQBwAHUAdABlAC0AaAB5AHAAZQByAHYAXABcAHMAZQB0AHUAcAAuAGMAZgBnACAALQBwAGEAdAB0AGUAcgBuACAAIgBeAG4AYQBtAGUALgAqAD0ALgAqACIAIAB8ACAAJQAgAHsAJABfAC4AbQBhAHQAYwBoAGUAcwAuAHYAYQBsAHUAZQAuAHMAcABsAGkAdAAoACIAPQAiACkAWwAxAF0ALgB0AHIAaQBtACgAKQB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2329 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0dc2fc11-e628-4f5c-a86c-afeecdde401e
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABjAG8AbQBwAHUAdABlAC0AaAB5AHAAZQByAHYAXABcAHMAZQB0AHUAcAAuAGMAZgBnACAALQBwAGEAdAB0AGUAcgBuACAAIgBeAG4AYQBtAGUALgAqAD0ALgAqACIAIAB8ACAAJQAgAHsAJABfAC4AbQBhAHQAYwBoAGUAcwAuAHYAYQBsAHUAZQAuAHMAcABsAGkAdAAoACIAPQAiACkAWwAxAF0ALgB0AHIAaQBtACgAKQB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2328 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0dc2fc11-e628-4f5c-a86c-afeecdde401e
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABjAG8AbQBwAHUAdABlAC0AaAB5AHAAZQByAHYAXABcAHMAZQB0AHUAcAAuAGMAZgBnACAALQBwAGEAdAB0AGUAcgBuACAAIgBeAG4AYQBtAGUALgAqAD0ALgAqACIAIAB8ACAAJQAgAHsAJABfAC4AbQBhAHQAYwBoAGUAcwAuAHYAYQBsAHUAZQAuAHMAcABsAGkAdAAoACIAPQAiACkAWwAxAF0ALgB0AHIAaQBtACgAKQB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2327 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0dc2fc11-e628-4f5c-a86c-afeecdde401e
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABjAG8AbQBwAHUAdABlAC0AaAB5AHAAZQByAHYAXABcAHMAZQB0AHUAcAAuAGMAZgBnACAALQBwAGEAdAB0AGUAcgBuACAAIgBeAG4AYQBtAGUALgAqAD0ALgAqACIAIAB8ACAAJQAgAHsAJABfAC4AbQBhAHQAYwBoAGUAcwAuAHYAYQBsAHUAZQAuAHMAcABsAGkAdAAoACIAPQAiACkAWwAxAF0ALgB0AHIAaQBtACgAKQB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2326 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5b305da0-d17b-400e-b510-ed47e19d24ee
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=418a1757-e7e3-4a8e-b217-1ef52e65b68b
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 2325 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5b305da0-d17b-400e-b510-ed47e19d24ee
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=418a1757-e7e3-4a8e-b217-1ef52e65b68b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2324 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5b305da0-d17b-400e-b510-ed47e19d24ee
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2323 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5b305da0-d17b-400e-b510-ed47e19d24ee
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2322 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5b305da0-d17b-400e-b510-ed47e19d24ee
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2321 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5b305da0-d17b-400e-b510-ed47e19d24ee
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2320 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5b305da0-d17b-400e-b510-ed47e19d24ee
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2319 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5b305da0-d17b-400e-b510-ed47e19d24ee
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2318 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5b305da0-d17b-400e-b510-ed47e19d24ee
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2317 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5b305da0-d17b-400e-b510-ed47e19d24ee
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2316 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7d2760b9-c07e-4c13-864f-36284d7bdf48
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=6f6a41e5-c2d4-4062-af9a-2a1a4e086fc4
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2315 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7d2760b9-c07e-4c13-864f-36284d7bdf48
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2314 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7d2760b9-c07e-4c13-864f-36284d7bdf48
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2313 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7d2760b9-c07e-4c13-864f-36284d7bdf48
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2312 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7d2760b9-c07e-4c13-864f-36284d7bdf48
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2311 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7d2760b9-c07e-4c13-864f-36284d7bdf48
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2310 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7d2760b9-c07e-4c13-864f-36284d7bdf48
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2309 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=40d40a95-740e-45df-8059-c7f24f3167b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAyAEEARABRAEEATQBBAEEAdQBBAEQAawBBAE0AUQBBAHQAQQBEAEkAQQBNAGcAQQAxAEEARABZAEEATgBnAEEANQBBAEQAUQBBAE0AQQBBAHcAQQBEAGMAQQBOAHcAQQB3AEEARABNAEEATwBBAEEANABBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=a0b5437b-e3d6-41f9-ba54-88340d3366b0
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2308 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6950b213-c0fa-40c5-bfb5-b6f6b49fc3ad
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADQAMAAuADkAMQAtADIAMgA1ADYANgA5ADQAMAAwADcANwAwADMAOAA4ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=e76d2315-211b-4db1-b7c6-c7d10232d15c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2307 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6950b213-c0fa-40c5-bfb5-b6f6b49fc3ad
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADQAMAAuADkAMQAtADIAMgA1ADYANgA5ADQAMAAwADcANwAwADMAOAA4ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=e76d2315-211b-4db1-b7c6-c7d10232d15c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2306 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6950b213-c0fa-40c5-bfb5-b6f6b49fc3ad
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADQAMAAuADkAMQAtADIAMgA1ADYANgA5ADQAMAAwADcANwAwADMAOAA4ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2305 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6950b213-c0fa-40c5-bfb5-b6f6b49fc3ad
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADQAMAAuADkAMQAtADIAMgA1ADYANgA5ADQAMAAwADcANwAwADMAOAA4ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2304 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6950b213-c0fa-40c5-bfb5-b6f6b49fc3ad
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADQAMAAuADkAMQAtADIAMgA1ADYANgA5ADQAMAAwADcANwAwADMAOAA4ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2303 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6950b213-c0fa-40c5-bfb5-b6f6b49fc3ad
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADQAMAAuADkAMQAtADIAMgA1ADYANgA5ADQAMAAwADcANwAwADMAOAA4ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2302 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6950b213-c0fa-40c5-bfb5-b6f6b49fc3ad
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADQAMAAuADkAMQAtADIAMgA1ADYANgA5ADQAMAAwADcANwAwADMAOAA4ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2301 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6950b213-c0fa-40c5-bfb5-b6f6b49fc3ad
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADQAMAAuADkAMQAtADIAMgA1ADYANgA5ADQAMAAwADcANwAwADMAOAA4ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2300 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=40d40a95-740e-45df-8059-c7f24f3167b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAyAEEARABRAEEATQBBAEEAdQBBAEQAawBBAE0AUQBBAHQAQQBEAEkAQQBNAGcAQQAxAEEARABZAEEATgBnAEEANQBBAEQAUQBBAE0AQQBBAHcAQQBEAGMAQQBOAHcAQQB3AEEARABNAEEATwBBAEEANABBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=a0b5437b-e3d6-41f9-ba54-88340d3366b0
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2299 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=40d40a95-740e-45df-8059-c7f24f3167b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAyAEEARABRAEEATQBBAEEAdQBBAEQAawBBAE0AUQBBAHQAQQBEAEkAQQBNAGcAQQAxAEEARABZAEEATgBnAEEANQBBAEQAUQBBAE0AQQBBAHcAQQBEAGMAQQBOAHcAQQB3AEEARABNAEEATwBBAEEANABBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2298 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=40d40a95-740e-45df-8059-c7f24f3167b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAyAEEARABRAEEATQBBAEEAdQBBAEQAawBBAE0AUQBBAHQAQQBEAEkAQQBNAGcAQQAxAEEARABZAEEATgBnAEEANQBBAEQAUQBBAE0AQQBBAHcAQQBEAGMAQQBOAHcAQQB3AEEARABNAEEATwBBAEEANABBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2297 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=40d40a95-740e-45df-8059-c7f24f3167b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAyAEEARABRAEEATQBBAEEAdQBBAEQAawBBAE0AUQBBAHQAQQBEAEkAQQBNAGcAQQAxAEEARABZAEEATgBnAEEANQBBAEQAUQBBAE0AQQBBAHcAQQBEAGMAQQBOAHcAQQB3AEEARABNAEEATwBBAEEANABBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2296 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=40d40a95-740e-45df-8059-c7f24f3167b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAyAEEARABRAEEATQBBAEEAdQBBAEQAawBBAE0AUQBBAHQAQQBEAEkAQQBNAGcAQQAxAEEARABZAEEATgBnAEEANQBBAEQAUQBBAE0AQQBBAHcAQQBEAGMAQQBOAHcAQQB3AEEARABNAEEATwBBAEEANABBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2295 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=40d40a95-740e-45df-8059-c7f24f3167b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAyAEEARABRAEEATQBBAEEAdQBBAEQAawBBAE0AUQBBAHQAQQBEAEkAQQBNAGcAQQAxAEEARABZAEEATgBnAEEANQBBAEQAUQBBAE0AQQBBAHcAQQBEAGMAQQBOAHcAQQB3AEEARABNAEEATwBBAEEANABBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2294 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=40d40a95-740e-45df-8059-c7f24f3167b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAyAEEARABRAEEATQBBAEEAdQBBAEQAawBBAE0AUQBBAHQAQQBEAEkAQQBNAGcAQQAxAEEARABZAEEATgBnAEEANQBBAEQAUQBBAE0AQQBBAHcAQQBEAGMAQQBOAHcAQQB3AEEARABNAEEATwBBAEEANABBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2293 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a42bfe2d-f284-439a-b788-9d7a8bd1682a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ae6d9cdb-4015-4b10-b105-87585f491f3b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2292 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7b4e2fb8-44bb-4809-8cef-5c85f2680f3d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=96f058f3-7c1a-40be-8012-8d68346f25f9
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2291 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7b4e2fb8-44bb-4809-8cef-5c85f2680f3d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2290 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7b4e2fb8-44bb-4809-8cef-5c85f2680f3d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2289 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7b4e2fb8-44bb-4809-8cef-5c85f2680f3d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2288 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7b4e2fb8-44bb-4809-8cef-5c85f2680f3d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2287 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7b4e2fb8-44bb-4809-8cef-5c85f2680f3d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2286 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7b4e2fb8-44bb-4809-8cef-5c85f2680f3d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2285 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7b4e2fb8-44bb-4809-8cef-5c85f2680f3d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2284 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7b4e2fb8-44bb-4809-8cef-5c85f2680f3d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2283 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a42bfe2d-f284-439a-b788-9d7a8bd1682a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ae6d9cdb-4015-4b10-b105-87585f491f3b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2282 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a42bfe2d-f284-439a-b788-9d7a8bd1682a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2281 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a42bfe2d-f284-439a-b788-9d7a8bd1682a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2280 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a42bfe2d-f284-439a-b788-9d7a8bd1682a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2279 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a42bfe2d-f284-439a-b788-9d7a8bd1682a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2278 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a42bfe2d-f284-439a-b788-9d7a8bd1682a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2277 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a42bfe2d-f284-439a-b788-9d7a8bd1682a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2276 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a029bdaf-3f5b-4421-9748-de8c40f7bb4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADQAMAAuADkAMQAtADIAMgA1ADYANgA5ADQAMAAwADcANwAwADMAOAA4AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=acdc239c-7029-49bc-8a1d-565e0d2f2bad
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2275 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a029bdaf-3f5b-4421-9748-de8c40f7bb4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADQAMAAuADkAMQAtADIAMgA1ADYANgA5ADQAMAAwADcANwAwADMAOAA4AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=acdc239c-7029-49bc-8a1d-565e0d2f2bad
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2274 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a029bdaf-3f5b-4421-9748-de8c40f7bb4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADQAMAAuADkAMQAtADIAMgA1ADYANgA5ADQAMAAwADcANwAwADMAOAA4AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2273 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a029bdaf-3f5b-4421-9748-de8c40f7bb4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADQAMAAuADkAMQAtADIAMgA1ADYANgA5ADQAMAAwADcANwAwADMAOAA4AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2272 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a029bdaf-3f5b-4421-9748-de8c40f7bb4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADQAMAAuADkAMQAtADIAMgA1ADYANgA5ADQAMAAwADcANwAwADMAOAA4AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2271 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a029bdaf-3f5b-4421-9748-de8c40f7bb4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADQAMAAuADkAMQAtADIAMgA1ADYANgA5ADQAMAAwADcANwAwADMAOAA4AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2270 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a029bdaf-3f5b-4421-9748-de8c40f7bb4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADQAMAAuADkAMQAtADIAMgA1ADYANgA5ADQAMAAwADcANwAwADMAOAA4AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2269 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a029bdaf-3f5b-4421-9748-de8c40f7bb4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA2ADQAMAAuADkAMQAtADIAMgA1ADYANgA5ADQAMAAwADcANwAwADMAOAA4AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2268 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b911b83-09b4-45dd-a0c1-b75804b28124
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFkAQQBOAEEAQQB3AEEAQwA0AEEATwBRAEEAeABBAEMAMABBAE0AZwBBAHkAQQBEAFUAQQBOAGcAQQAyAEEARABrAEEATgBBAEEAdwBBAEQAQQBBAE4AdwBBADMAQQBEAEEAQQBNAHcAQQA0AEEARABnAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=2a6d0c15-a414-4cf6-98f4-a8412f68d97b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2267 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=253f9f7c-0cb7-4435-bdb6-c006f57e27d0
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADYANAAwAC4AOQAxAC0AMgAyADUANgA2ADkANAAwADAANwA3ADAAMwA4ADgAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=e43ff6d7-06fd-46ec-a5fd-d95a9fa23cbf
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2266 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=253f9f7c-0cb7-4435-bdb6-c006f57e27d0
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADYANAAwAC4AOQAxAC0AMgAyADUANgA2ADkANAAwADAANwA3ADAAMwA4ADgAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=e43ff6d7-06fd-46ec-a5fd-d95a9fa23cbf
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2265 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=253f9f7c-0cb7-4435-bdb6-c006f57e27d0
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADYANAAwAC4AOQAxAC0AMgAyADUANgA2ADkANAAwADAANwA3ADAAMwA4ADgAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2264 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=253f9f7c-0cb7-4435-bdb6-c006f57e27d0
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADYANAAwAC4AOQAxAC0AMgAyADUANgA2ADkANAAwADAANwA3ADAAMwA4ADgAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2263 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=253f9f7c-0cb7-4435-bdb6-c006f57e27d0
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADYANAAwAC4AOQAxAC0AMgAyADUANgA2ADkANAAwADAANwA3ADAAMwA4ADgAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2262 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=253f9f7c-0cb7-4435-bdb6-c006f57e27d0
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADYANAAwAC4AOQAxAC0AMgAyADUANgA2ADkANAAwADAANwA3ADAAMwA4ADgAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2261 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=253f9f7c-0cb7-4435-bdb6-c006f57e27d0
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADYANAAwAC4AOQAxAC0AMgAyADUANgA2ADkANAAwADAANwA3ADAAMwA4ADgAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2260 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=253f9f7c-0cb7-4435-bdb6-c006f57e27d0
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADYANAAwAC4AOQAxAC0AMgAyADUANgA2ADkANAAwADAANwA3ADAAMwA4ADgAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2259 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b911b83-09b4-45dd-a0c1-b75804b28124
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFkAQQBOAEEAQQB3AEEAQwA0AEEATwBRAEEAeABBAEMAMABBAE0AZwBBAHkAQQBEAFUAQQBOAGcAQQAyAEEARABrAEEATgBBAEEAdwBBAEQAQQBBAE4AdwBBADMAQQBEAEEAQQBNAHcAQQA0AEEARABnAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=2a6d0c15-a414-4cf6-98f4-a8412f68d97b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2258 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b911b83-09b4-45dd-a0c1-b75804b28124
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFkAQQBOAEEAQQB3AEEAQwA0AEEATwBRAEEAeABBAEMAMABBAE0AZwBBAHkAQQBEAFUAQQBOAGcAQQAyAEEARABrAEEATgBBAEEAdwBBAEQAQQBBAE4AdwBBADMAQQBEAEEAQQBNAHcAQQA0AEEARABnAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2257 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b911b83-09b4-45dd-a0c1-b75804b28124
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFkAQQBOAEEAQQB3AEEAQwA0AEEATwBRAEEAeABBAEMAMABBAE0AZwBBAHkAQQBEAFUAQQBOAGcAQQAyAEEARABrAEEATgBBAEEAdwBBAEQAQQBBAE4AdwBBADMAQQBEAEEAQQBNAHcAQQA0AEEARABnAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2256 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b911b83-09b4-45dd-a0c1-b75804b28124
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFkAQQBOAEEAQQB3AEEAQwA0AEEATwBRAEEAeABBAEMAMABBAE0AZwBBAHkAQQBEAFUAQQBOAGcAQQAyAEEARABrAEEATgBBAEEAdwBBAEQAQQBBAE4AdwBBADMAQQBEAEEAQQBNAHcAQQA0AEEARABnAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2255 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b911b83-09b4-45dd-a0c1-b75804b28124
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFkAQQBOAEEAQQB3AEEAQwA0AEEATwBRAEEAeABBAEMAMABBAE0AZwBBAHkAQQBEAFUAQQBOAGcAQQAyAEEARABrAEEATgBBAEEAdwBBAEQAQQBBAE4AdwBBADMAQQBEAEEAQQBNAHcAQQA0AEEARABnAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2254 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b911b83-09b4-45dd-a0c1-b75804b28124
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFkAQQBOAEEAQQB3AEEAQwA0AEEATwBRAEEAeABBAEMAMABBAE0AZwBBAHkAQQBEAFUAQQBOAGcAQQAyAEEARABrAEEATgBBAEEAdwBBAEQAQQBBAE4AdwBBADMAQQBEAEEAQQBNAHcAQQA0AEEARABnAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2253 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b911b83-09b4-45dd-a0c1-b75804b28124
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFkAQQBOAEEAQQB3AEEAQwA0AEEATwBRAEEAeABBAEMAMABBAE0AZwBBAHkAQQBEAFUAQQBOAGcAQQAyAEEARABrAEEATgBBAEEAdwBBAEQAQQBBAE4AdwBBADMAQQBEAEEAQQBNAHcAQQA0AEEARABnAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2252 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f4e7a13d-5d20-459a-b8f9-578be892420e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=118a13d1-9e0f-4df8-b172-15460b3577eb
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2251 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=30b91b37-dc8d-4071-9403-1f56aa8d8dfc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ce6e2d92-f2cc-40d4-a8f4-5f36377a600b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2250 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=30b91b37-dc8d-4071-9403-1f56aa8d8dfc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2249 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=30b91b37-dc8d-4071-9403-1f56aa8d8dfc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2248 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=30b91b37-dc8d-4071-9403-1f56aa8d8dfc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2247 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=30b91b37-dc8d-4071-9403-1f56aa8d8dfc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2246 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=30b91b37-dc8d-4071-9403-1f56aa8d8dfc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2245 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=30b91b37-dc8d-4071-9403-1f56aa8d8dfc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2244 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=30b91b37-dc8d-4071-9403-1f56aa8d8dfc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2243 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=30b91b37-dc8d-4071-9403-1f56aa8d8dfc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2242 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f4e7a13d-5d20-459a-b8f9-578be892420e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=118a13d1-9e0f-4df8-b172-15460b3577eb
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2241 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f4e7a13d-5d20-459a-b8f9-578be892420e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2240 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f4e7a13d-5d20-459a-b8f9-578be892420e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2239 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f4e7a13d-5d20-459a-b8f9-578be892420e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2238 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f4e7a13d-5d20-459a-b8f9-578be892420e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2237 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f4e7a13d-5d20-459a-b8f9-578be892420e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2236 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f4e7a13d-5d20-459a-b8f9-578be892420e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2235 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=489cea8d-bf1d-41c1-a897-6c467902ce6b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=bed428d3-8b20-4173-97be-9829d726363c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2234 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=54de5a14-cacf-4280-a01a-06db3ef57e9d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AbwB2AGEA
EngineVersion=5.1.14393.1944
RunspaceId=86791a04-e4c3-4653-b375-ab3ba9d22baa
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2233 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 8:00:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=54de5a14-cacf-4280-a01a-06db3ef57e9d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AbwB2AGEA
EngineVersion=5.1.14393.1944
RunspaceId=86791a04-e4c3-4653-b375-ab3ba9d22baa
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2232 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=54de5a14-cacf-4280-a01a-06db3ef57e9d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AbwB2AGEA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2231 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=54de5a14-cacf-4280-a01a-06db3ef57e9d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AbwB2AGEA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2230 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=54de5a14-cacf-4280-a01a-06db3ef57e9d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AbwB2AGEA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2229 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=54de5a14-cacf-4280-a01a-06db3ef57e9d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AbwB2AGEA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2228 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=54de5a14-cacf-4280-a01a-06db3ef57e9d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AbwB2AGEA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2227 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=54de5a14-cacf-4280-a01a-06db3ef57e9d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAG4AbwB2AGEA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2226 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7ec3f699-d5cf-450a-973d-8d57c5707a26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=e3fa09e8-2f10-4672-8ed1-497591e65e67
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 2225 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7ec3f699-d5cf-450a-973d-8d57c5707a26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=e3fa09e8-2f10-4672-8ed1-497591e65e67
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2224 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7ec3f699-d5cf-450a-973d-8d57c5707a26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2223 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7ec3f699-d5cf-450a-973d-8d57c5707a26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2222 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7ec3f699-d5cf-450a-973d-8d57c5707a26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2221 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7ec3f699-d5cf-450a-973d-8d57c5707a26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2220 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7ec3f699-d5cf-450a-973d-8d57c5707a26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2219 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7ec3f699-d5cf-450a-973d-8d57c5707a26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2218 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7ec3f699-d5cf-450a-973d-8d57c5707a26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2217 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=7ec3f699-d5cf-450a-973d-8d57c5707a26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2216 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=489cea8d-bf1d-41c1-a897-6c467902ce6b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=bed428d3-8b20-4173-97be-9829d726363c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2215 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:29 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=489cea8d-bf1d-41c1-a897-6c467902ce6b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2214 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:29 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=489cea8d-bf1d-41c1-a897-6c467902ce6b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2213 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:29 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=489cea8d-bf1d-41c1-a897-6c467902ce6b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2212 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:29 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=489cea8d-bf1d-41c1-a897-6c467902ce6b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2211 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:29 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=489cea8d-bf1d-41c1-a897-6c467902ce6b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2210 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:29 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=489cea8d-bf1d-41c1-a897-6c467902ce6b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2209 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:29 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35544bf8-0cbb-4858-82c6-95ced6eb395b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=68c96c2d-9108-47a2-82d2-8b29f05e1d97
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2208 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:29 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=86ad9c3d-33f4-4a5d-9d9b-18b07a6ffe43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ef1f85d7-49ac-44ec-937f-86624801703c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2207 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=86ad9c3d-33f4-4a5d-9d9b-18b07a6ffe43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2206 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=86ad9c3d-33f4-4a5d-9d9b-18b07a6ffe43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2205 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=86ad9c3d-33f4-4a5d-9d9b-18b07a6ffe43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2204 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=86ad9c3d-33f4-4a5d-9d9b-18b07a6ffe43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2203 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=86ad9c3d-33f4-4a5d-9d9b-18b07a6ffe43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2202 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=86ad9c3d-33f4-4a5d-9d9b-18b07a6ffe43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2201 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=86ad9c3d-33f4-4a5d-9d9b-18b07a6ffe43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2200 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=86ad9c3d-33f4-4a5d-9d9b-18b07a6ffe43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2199 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35544bf8-0cbb-4858-82c6-95ced6eb395b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=68c96c2d-9108-47a2-82d2-8b29f05e1d97
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2198 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35544bf8-0cbb-4858-82c6-95ced6eb395b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2197 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35544bf8-0cbb-4858-82c6-95ced6eb395b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2196 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35544bf8-0cbb-4858-82c6-95ced6eb395b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2195 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35544bf8-0cbb-4858-82c6-95ced6eb395b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2194 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35544bf8-0cbb-4858-82c6-95ced6eb395b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2193 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=35544bf8-0cbb-4858-82c6-95ced6eb395b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2192 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f2a3ba93-9079-4fb2-bf77-6c4c6fb81a8c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ff9b2990-f9bb-4624-b2c0-5befaa87a153
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2191 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4d923672-08d2-4e84-94f9-0a629692a942
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAG8AdgBhAFwAXABzAGUAdAB1AHAALgBjAGYAZwAgAC0AcABhAHQAdABlAHIAbgAgACIAXgBuAGEAbQBlAC4AKgA9AC4AKgAiACAAfAAgACUAIAB7ACQAXwAuAG0AYQB0AGMAaABlAHMALgB2AGEAbAB1AGUALgBzAHAAbABpAHQAKAAiAD0AIgApAFsAMQBdAC4AdAByAGkAbQAoACkAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=186bafbc-c17f-4434-ab41-f4a39abe0ddd
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2190 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4d923672-08d2-4e84-94f9-0a629692a942
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAG8AdgBhAFwAXABzAGUAdAB1AHAALgBjAGYAZwAgAC0AcABhAHQAdABlAHIAbgAgACIAXgBuAGEAbQBlAC4AKgA9AC4AKgAiACAAfAAgACUAIAB7ACQAXwAuAG0AYQB0AGMAaABlAHMALgB2AGEAbAB1AGUALgBzAHAAbABpAHQAKAAiAD0AIgApAFsAMQBdAC4AdAByAGkAbQAoACkAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=186bafbc-c17f-4434-ab41-f4a39abe0ddd
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2189 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4d923672-08d2-4e84-94f9-0a629692a942
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAG8AdgBhAFwAXABzAGUAdAB1AHAALgBjAGYAZwAgAC0AcABhAHQAdABlAHIAbgAgACIAXgBuAGEAbQBlAC4AKgA9AC4AKgAiACAAfAAgACUAIAB7ACQAXwAuAG0AYQB0AGMAaABlAHMALgB2AGEAbAB1AGUALgBzAHAAbABpAHQAKAAiAD0AIgApAFsAMQBdAC4AdAByAGkAbQAoACkAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2188 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4d923672-08d2-4e84-94f9-0a629692a942
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAG8AdgBhAFwAXABzAGUAdAB1AHAALgBjAGYAZwAgAC0AcABhAHQAdABlAHIAbgAgACIAXgBuAGEAbQBlAC4AKgA9AC4AKgAiACAAfAAgACUAIAB7ACQAXwAuAG0AYQB0AGMAaABlAHMALgB2AGEAbAB1AGUALgBzAHAAbABpAHQAKAAiAD0AIgApAFsAMQBdAC4AdAByAGkAbQAoACkAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2187 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4d923672-08d2-4e84-94f9-0a629692a942
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAG8AdgBhAFwAXABzAGUAdAB1AHAALgBjAGYAZwAgAC0AcABhAHQAdABlAHIAbgAgACIAXgBuAGEAbQBlAC4AKgA9AC4AKgAiACAAfAAgACUAIAB7ACQAXwAuAG0AYQB0AGMAaABlAHMALgB2AGEAbAB1AGUALgBzAHAAbABpAHQAKAAiAD0AIgApAFsAMQBdAC4AdAByAGkAbQAoACkAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2186 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4d923672-08d2-4e84-94f9-0a629692a942
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAG8AdgBhAFwAXABzAGUAdAB1AHAALgBjAGYAZwAgAC0AcABhAHQAdABlAHIAbgAgACIAXgBuAGEAbQBlAC4AKgA9AC4AKgAiACAAfAAgACUAIAB7ACQAXwAuAG0AYQB0AGMAaABlAHMALgB2AGEAbAB1AGUALgBzAHAAbABpAHQAKAAiAD0AIgApAFsAMQBdAC4AdAByAGkAbQAoACkAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2185 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4d923672-08d2-4e84-94f9-0a629692a942
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAG8AdgBhAFwAXABzAGUAdAB1AHAALgBjAGYAZwAgAC0AcABhAHQAdABlAHIAbgAgACIAXgBuAGEAbQBlAC4AKgA9AC4AKgAiACAAfAAgACUAIAB7ACQAXwAuAG0AYQB0AGMAaABlAHMALgB2AGEAbAB1AGUALgBzAHAAbABpAHQAKAAiAD0AIgApAFsAMQBdAC4AdAByAGkAbQAoACkAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2184 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4d923672-08d2-4e84-94f9-0a629692a942
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABuAG8AdgBhAFwAXABzAGUAdAB1AHAALgBjAGYAZwAgAC0AcABhAHQAdABlAHIAbgAgACIAXgBuAGEAbQBlAC4AKgA9AC4AKgAiACAAfAAgACUAIAB7ACQAXwAuAG0AYQB0AGMAaABlAHMALgB2AGEAbAB1AGUALgBzAHAAbABpAHQAKAAiAD0AIgApAFsAMQBdAC4AdAByAGkAbQAoACkAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2183 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=17ec676a-35e1-4008-83c5-9092954ed19c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b8a537dc-b512-4949-a2aa-48d6c1e8e3ad
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 2182 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=17ec676a-35e1-4008-83c5-9092954ed19c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b8a537dc-b512-4949-a2aa-48d6c1e8e3ad
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2181 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=17ec676a-35e1-4008-83c5-9092954ed19c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2180 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=17ec676a-35e1-4008-83c5-9092954ed19c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2179 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=17ec676a-35e1-4008-83c5-9092954ed19c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2178 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=17ec676a-35e1-4008-83c5-9092954ed19c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2177 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=17ec676a-35e1-4008-83c5-9092954ed19c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2176 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=17ec676a-35e1-4008-83c5-9092954ed19c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2175 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=17ec676a-35e1-4008-83c5-9092954ed19c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2174 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=17ec676a-35e1-4008-83c5-9092954ed19c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2173 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f2a3ba93-9079-4fb2-bf77-6c4c6fb81a8c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ff9b2990-f9bb-4624-b2c0-5befaa87a153
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2172 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f2a3ba93-9079-4fb2-bf77-6c4c6fb81a8c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2171 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f2a3ba93-9079-4fb2-bf77-6c4c6fb81a8c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2170 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f2a3ba93-9079-4fb2-bf77-6c4c6fb81a8c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2169 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f2a3ba93-9079-4fb2-bf77-6c4c6fb81a8c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2168 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f2a3ba93-9079-4fb2-bf77-6c4c6fb81a8c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2167 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f2a3ba93-9079-4fb2-bf77-6c4c6fb81a8c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2166 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=efc4f55b-0d44-4d49-a08c-6e27834c0e47
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAxAEEARABZAEEATQBBAEEAdQBBAEQAUQBBAE4AdwBBAHQAQQBEAEUAQQBNAFEAQQAwAEEARABZAEEATwBRAEEANABBAEQAawBBAE0AQQBBAHgAQQBEAFkAQQBOAFEAQQA0AEEARABrAEEATwBRAEEAMABBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=3db8b2bc-395d-49d1-8c72-9f3fdc4cd1eb
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2165 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b49eb468-0dda-4f45-944e-37453d1d3d3f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA1ADYAMAAuADQANwAtADEAMQA0ADYAOQA4ADkAMAAxADYANQA4ADkAOQA0ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=76d47731-0ad4-4fec-acd7-955edb115895
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2164 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b49eb468-0dda-4f45-944e-37453d1d3d3f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA1ADYAMAAuADQANwAtADEAMQA0ADYAOQA4ADkAMAAxADYANQA4ADkAOQA0ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=76d47731-0ad4-4fec-acd7-955edb115895
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2163 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b49eb468-0dda-4f45-944e-37453d1d3d3f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA1ADYAMAAuADQANwAtADEAMQA0ADYAOQA4ADkAMAAxADYANQA4ADkAOQA0ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2162 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b49eb468-0dda-4f45-944e-37453d1d3d3f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA1ADYAMAAuADQANwAtADEAMQA0ADYAOQA4ADkAMAAxADYANQA4ADkAOQA0ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2161 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b49eb468-0dda-4f45-944e-37453d1d3d3f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA1ADYAMAAuADQANwAtADEAMQA0ADYAOQA4ADkAMAAxADYANQA4ADkAOQA0ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2160 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b49eb468-0dda-4f45-944e-37453d1d3d3f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA1ADYAMAAuADQANwAtADEAMQA0ADYAOQA4ADkAMAAxADYANQA4ADkAOQA0ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2159 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b49eb468-0dda-4f45-944e-37453d1d3d3f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA1ADYAMAAuADQANwAtADEAMQA0ADYAOQA4ADkAMAAxADYANQA4ADkAOQA0ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2158 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b49eb468-0dda-4f45-944e-37453d1d3d3f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA1ADYAMAAuADQANwAtADEAMQA0ADYAOQA4ADkAMAAxADYANQA4ADkAOQA0ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2157 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=efc4f55b-0d44-4d49-a08c-6e27834c0e47
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAxAEEARABZAEEATQBBAEEAdQBBAEQAUQBBAE4AdwBBAHQAQQBEAEUAQQBNAFEAQQAwAEEARABZAEEATwBRAEEANABBAEQAawBBAE0AQQBBAHgAQQBEAFkAQQBOAFEAQQA0AEEARABrAEEATwBRAEEAMABBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=3db8b2bc-395d-49d1-8c72-9f3fdc4cd1eb
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2156 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=efc4f55b-0d44-4d49-a08c-6e27834c0e47
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAxAEEARABZAEEATQBBAEEAdQBBAEQAUQBBAE4AdwBBAHQAQQBEAEUAQQBNAFEAQQAwAEEARABZAEEATwBRAEEANABBAEQAawBBAE0AQQBBAHgAQQBEAFkAQQBOAFEAQQA0AEEARABrAEEATwBRAEEAMABBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2155 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=efc4f55b-0d44-4d49-a08c-6e27834c0e47
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAxAEEARABZAEEATQBBAEEAdQBBAEQAUQBBAE4AdwBBAHQAQQBEAEUAQQBNAFEAQQAwAEEARABZAEEATwBRAEEANABBAEQAawBBAE0AQQBBAHgAQQBEAFkAQQBOAFEAQQA0AEEARABrAEEATwBRAEEAMABBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2154 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=efc4f55b-0d44-4d49-a08c-6e27834c0e47
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAxAEEARABZAEEATQBBAEEAdQBBAEQAUQBBAE4AdwBBAHQAQQBEAEUAQQBNAFEAQQAwAEEARABZAEEATwBRAEEANABBAEQAawBBAE0AQQBBAHgAQQBEAFkAQQBOAFEAQQA0AEEARABrAEEATwBRAEEAMABBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2153 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=efc4f55b-0d44-4d49-a08c-6e27834c0e47
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAxAEEARABZAEEATQBBAEEAdQBBAEQAUQBBAE4AdwBBAHQAQQBEAEUAQQBNAFEAQQAwAEEARABZAEEATwBRAEEANABBAEQAawBBAE0AQQBBAHgAQQBEAFkAQQBOAFEAQQA0AEEARABrAEEATwBRAEEAMABBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2152 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=efc4f55b-0d44-4d49-a08c-6e27834c0e47
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAxAEEARABZAEEATQBBAEEAdQBBAEQAUQBBAE4AdwBBAHQAQQBEAEUAQQBNAFEAQQAwAEEARABZAEEATwBRAEEANABBAEQAawBBAE0AQQBBAHgAQQBEAFkAQQBOAFEAQQA0AEEARABrAEEATwBRAEEAMABBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2151 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=efc4f55b-0d44-4d49-a08c-6e27834c0e47
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAxAEEARABZAEEATQBBAEEAdQBBAEQAUQBBAE4AdwBBAHQAQQBEAEUAQQBNAFEAQQAwAEEARABZAEEATwBRAEEANABBAEQAawBBAE0AQQBBAHgAQQBEAFkAQQBOAFEAQQA0AEEARABrAEEATwBRAEEAMABBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2150 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=84896cf3-bf06-45f9-bfee-151b5f8d8554
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=3a08968e-2f3f-4fd7-a0b1-0673f9d6390f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2149 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=06d8efc6-b9c4-4563-83ac-1ff4a5fd2d92
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=db460a25-c128-4279-a283-cef0e0f3f5df
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2148 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=06d8efc6-b9c4-4563-83ac-1ff4a5fd2d92
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2147 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=06d8efc6-b9c4-4563-83ac-1ff4a5fd2d92
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2146 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=06d8efc6-b9c4-4563-83ac-1ff4a5fd2d92
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2145 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=06d8efc6-b9c4-4563-83ac-1ff4a5fd2d92
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2144 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=06d8efc6-b9c4-4563-83ac-1ff4a5fd2d92
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2143 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=06d8efc6-b9c4-4563-83ac-1ff4a5fd2d92
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2142 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=06d8efc6-b9c4-4563-83ac-1ff4a5fd2d92
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2141 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=06d8efc6-b9c4-4563-83ac-1ff4a5fd2d92
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2140 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=84896cf3-bf06-45f9-bfee-151b5f8d8554
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=3a08968e-2f3f-4fd7-a0b1-0673f9d6390f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2139 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=84896cf3-bf06-45f9-bfee-151b5f8d8554
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2138 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=84896cf3-bf06-45f9-bfee-151b5f8d8554
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2137 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=84896cf3-bf06-45f9-bfee-151b5f8d8554
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2136 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=84896cf3-bf06-45f9-bfee-151b5f8d8554
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2135 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=84896cf3-bf06-45f9-bfee-151b5f8d8554
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2134 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=84896cf3-bf06-45f9-bfee-151b5f8d8554
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2133 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5f01db5a-5a46-4211-94e4-509ece10ccfa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA1ADYAMAAuADQANwAtADEAMQA0ADYAOQA4ADkAMAAxADYANQA4ADkAOQA0AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=6b4984a8-a4a8-4de5-a79a-cebebadfb41d
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2132 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5f01db5a-5a46-4211-94e4-509ece10ccfa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA1ADYAMAAuADQANwAtADEAMQA0ADYAOQA4ADkAMAAxADYANQA4ADkAOQA0AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=6b4984a8-a4a8-4de5-a79a-cebebadfb41d
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2131 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5f01db5a-5a46-4211-94e4-509ece10ccfa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA1ADYAMAAuADQANwAtADEAMQA0ADYAOQA4ADkAMAAxADYANQA4ADkAOQA0AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2130 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5f01db5a-5a46-4211-94e4-509ece10ccfa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA1ADYAMAAuADQANwAtADEAMQA0ADYAOQA4ADkAMAAxADYANQA4ADkAOQA0AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2129 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5f01db5a-5a46-4211-94e4-509ece10ccfa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA1ADYAMAAuADQANwAtADEAMQA0ADYAOQA4ADkAMAAxADYANQA4ADkAOQA0AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2128 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5f01db5a-5a46-4211-94e4-509ece10ccfa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA1ADYAMAAuADQANwAtADEAMQA0ADYAOQA4ADkAMAAxADYANQA4ADkAOQA0AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2127 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5f01db5a-5a46-4211-94e4-509ece10ccfa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA1ADYAMAAuADQANwAtADEAMQA0ADYAOQA4ADkAMAAxADYANQA4ADkAOQA0AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2126 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5f01db5a-5a46-4211-94e4-509ece10ccfa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA1ADYAMAAuADQANwAtADEAMQA0ADYAOQA4ADkAMAAxADYANQA4ADkAOQA0AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2125 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0d6b3e0c-a459-4e83-bb2b-f3a7fe5c0160
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFUAQQBOAGcAQQB3AEEAQwA0AEEATgBBAEEAMwBBAEMAMABBAE0AUQBBAHgAQQBEAFEAQQBOAGcAQQA1AEEARABnAEEATwBRAEEAdwBBAEQARQBBAE4AZwBBADEAQQBEAGcAQQBPAFEAQQA1AEEARABRAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=24f29c5d-ed79-46c6-924d-600b64a91929
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2124 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a03b9cef-b26d-4b8e-92a9-85007bf3f875
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADUANgAwAC4ANAA3AC0AMQAxADQANgA5ADgAOQAwADEANgA1ADgAOQA5ADQAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=c38418f3-451c-4ecc-86da-3b6c8b34dec4
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2123 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a03b9cef-b26d-4b8e-92a9-85007bf3f875
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADUANgAwAC4ANAA3AC0AMQAxADQANgA5ADgAOQAwADEANgA1ADgAOQA5ADQAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=c38418f3-451c-4ecc-86da-3b6c8b34dec4
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2122 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a03b9cef-b26d-4b8e-92a9-85007bf3f875
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADUANgAwAC4ANAA3AC0AMQAxADQANgA5ADgAOQAwADEANgA1ADgAOQA5ADQAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2121 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a03b9cef-b26d-4b8e-92a9-85007bf3f875
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADUANgAwAC4ANAA3AC0AMQAxADQANgA5ADgAOQAwADEANgA1ADgAOQA5ADQAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2120 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a03b9cef-b26d-4b8e-92a9-85007bf3f875
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADUANgAwAC4ANAA3AC0AMQAxADQANgA5ADgAOQAwADEANgA1ADgAOQA5ADQAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2119 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a03b9cef-b26d-4b8e-92a9-85007bf3f875
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADUANgAwAC4ANAA3AC0AMQAxADQANgA5ADgAOQAwADEANgA1ADgAOQA5ADQAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2118 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a03b9cef-b26d-4b8e-92a9-85007bf3f875
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADUANgAwAC4ANAA3AC0AMQAxADQANgA5ADgAOQAwADEANgA1ADgAOQA5ADQAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2117 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a03b9cef-b26d-4b8e-92a9-85007bf3f875
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADUANgAwAC4ANAA3AC0AMQAxADQANgA5ADgAOQAwADEANgA1ADgAOQA5ADQAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2116 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0d6b3e0c-a459-4e83-bb2b-f3a7fe5c0160
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFUAQQBOAGcAQQB3AEEAQwA0AEEATgBBAEEAMwBBAEMAMABBAE0AUQBBAHgAQQBEAFEAQQBOAGcAQQA1AEEARABnAEEATwBRAEEAdwBBAEQARQBBAE4AZwBBADEAQQBEAGcAQQBPAFEAQQA1AEEARABRAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=24f29c5d-ed79-46c6-924d-600b64a91929
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2115 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0d6b3e0c-a459-4e83-bb2b-f3a7fe5c0160
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFUAQQBOAGcAQQB3AEEAQwA0AEEATgBBAEEAMwBBAEMAMABBAE0AUQBBAHgAQQBEAFEAQQBOAGcAQQA1AEEARABnAEEATwBRAEEAdwBBAEQARQBBAE4AZwBBADEAQQBEAGcAQQBPAFEAQQA1AEEARABRAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2114 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0d6b3e0c-a459-4e83-bb2b-f3a7fe5c0160
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFUAQQBOAGcAQQB3AEEAQwA0AEEATgBBAEEAMwBBAEMAMABBAE0AUQBBAHgAQQBEAFEAQQBOAGcAQQA1AEEARABnAEEATwBRAEEAdwBBAEQARQBBAE4AZwBBADEAQQBEAGcAQQBPAFEAQQA1AEEARABRAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2113 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0d6b3e0c-a459-4e83-bb2b-f3a7fe5c0160
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFUAQQBOAGcAQQB3AEEAQwA0AEEATgBBAEEAMwBBAEMAMABBAE0AUQBBAHgAQQBEAFEAQQBOAGcAQQA1AEEARABnAEEATwBRAEEAdwBBAEQARQBBAE4AZwBBADEAQQBEAGcAQQBPAFEAQQA1AEEARABRAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2112 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0d6b3e0c-a459-4e83-bb2b-f3a7fe5c0160
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFUAQQBOAGcAQQB3AEEAQwA0AEEATgBBAEEAMwBBAEMAMABBAE0AUQBBAHgAQQBEAFEAQQBOAGcAQQA1AEEARABnAEEATwBRAEEAdwBBAEQARQBBAE4AZwBBADEAQQBEAGcAQQBPAFEAQQA1AEEARABRAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2111 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0d6b3e0c-a459-4e83-bb2b-f3a7fe5c0160
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFUAQQBOAGcAQQB3AEEAQwA0AEEATgBBAEEAMwBBAEMAMABBAE0AUQBBAHgAQQBEAFEAQQBOAGcAQQA1AEEARABnAEEATwBRAEEAdwBBAEQARQBBAE4AZwBBADEAQQBEAGcAQQBPAFEAQQA1AEEARABRAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2110 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0d6b3e0c-a459-4e83-bb2b-f3a7fe5c0160
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFUAQQBOAGcAQQB3AEEAQwA0AEEATgBBAEEAMwBBAEMAMABBAE0AUQBBAHgAQQBEAFEAQQBOAGcAQQA1AEEARABnAEEATwBRAEEAdwBBAEQARQBBAE4AZwBBADEAQQBEAGcAQQBPAFEAQQA1AEEARABRAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2109 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=eae91950-16ca-4b9c-a724-bfa998961377
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=a9a2a04d-4649-48c9-b88b-643be569ceb2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2108 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=45c0e7c5-e437-435b-9045-af5b8cb6c821
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=9e172eb4-12ad-47fd-b8fd-09ed477a752f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2107 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=45c0e7c5-e437-435b-9045-af5b8cb6c821
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2106 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=45c0e7c5-e437-435b-9045-af5b8cb6c821
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2105 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=45c0e7c5-e437-435b-9045-af5b8cb6c821
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2104 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=45c0e7c5-e437-435b-9045-af5b8cb6c821
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2103 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=45c0e7c5-e437-435b-9045-af5b8cb6c821
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2102 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=45c0e7c5-e437-435b-9045-af5b8cb6c821
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2101 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=45c0e7c5-e437-435b-9045-af5b8cb6c821
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2100 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=45c0e7c5-e437-435b-9045-af5b8cb6c821
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2099 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=eae91950-16ca-4b9c-a724-bfa998961377
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=a9a2a04d-4649-48c9-b88b-643be569ceb2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2098 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=eae91950-16ca-4b9c-a724-bfa998961377
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2097 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=eae91950-16ca-4b9c-a724-bfa998961377
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2096 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=eae91950-16ca-4b9c-a724-bfa998961377
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2095 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=eae91950-16ca-4b9c-a724-bfa998961377
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2094 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=eae91950-16ca-4b9c-a724-bfa998961377
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2093 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=eae91950-16ca-4b9c-a724-bfa998961377
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2092 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e5272e7d-7c5a-4b9c-aad4-3aaf10068264
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=60c65957-0efb-4bb6-87a4-e11b76afad79
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2091 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6bec0a8-0ba9-4071-9cc7-8e69d6275186
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAGMAaQBuAGQAZQByAA==
EngineVersion=5.1.14393.1944
RunspaceId=6180a50e-a408-4318-9359-ef857f3a1922
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2090 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:59:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6bec0a8-0ba9-4071-9cc7-8e69d6275186
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAGMAaQBuAGQAZQByAA==
EngineVersion=5.1.14393.1944
RunspaceId=6180a50e-a408-4318-9359-ef857f3a1922
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2089 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6bec0a8-0ba9-4071-9cc7-8e69d6275186
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAGMAaQBuAGQAZQByAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2088 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6bec0a8-0ba9-4071-9cc7-8e69d6275186
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAGMAaQBuAGQAZQByAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2087 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6bec0a8-0ba9-4071-9cc7-8e69d6275186
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAGMAaQBuAGQAZQByAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2086 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6bec0a8-0ba9-4071-9cc7-8e69d6275186
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAGMAaQBuAGQAZQByAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2085 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6bec0a8-0ba9-4071-9cc7-8e69d6275186
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAGMAaQBuAGQAZQByAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2084 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6bec0a8-0ba9-4071-9cc7-8e69d6275186
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAGMAaQBuAGQAZQByAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2083 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ddd2a374-2558-4012-b8fe-ccddc98508ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=92bf0b48-76fc-4a56-bc06-78b31a47eb39
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 2082 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ddd2a374-2558-4012-b8fe-ccddc98508ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=92bf0b48-76fc-4a56-bc06-78b31a47eb39
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2081 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ddd2a374-2558-4012-b8fe-ccddc98508ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2080 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ddd2a374-2558-4012-b8fe-ccddc98508ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2079 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ddd2a374-2558-4012-b8fe-ccddc98508ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2078 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ddd2a374-2558-4012-b8fe-ccddc98508ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2077 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ddd2a374-2558-4012-b8fe-ccddc98508ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2076 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ddd2a374-2558-4012-b8fe-ccddc98508ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2075 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ddd2a374-2558-4012-b8fe-ccddc98508ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2074 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ddd2a374-2558-4012-b8fe-ccddc98508ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2073 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e5272e7d-7c5a-4b9c-aad4-3aaf10068264
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=60c65957-0efb-4bb6-87a4-e11b76afad79
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2072 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e5272e7d-7c5a-4b9c-aad4-3aaf10068264
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2071 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e5272e7d-7c5a-4b9c-aad4-3aaf10068264
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2070 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e5272e7d-7c5a-4b9c-aad4-3aaf10068264
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2069 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e5272e7d-7c5a-4b9c-aad4-3aaf10068264
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2068 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e5272e7d-7c5a-4b9c-aad4-3aaf10068264
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2067 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e5272e7d-7c5a-4b9c-aad4-3aaf10068264
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2066 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=696d27da-e746-44e2-be89-99069053dea7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7f07fa27-1aa1-4c9d-8e77-5af3676159db
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2065 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=08b88c97-b76c-4b23-866a-e35d41ca54ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=6e54883f-2738-48af-962d-352fe118afde
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2064 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=08b88c97-b76c-4b23-866a-e35d41ca54ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2063 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=08b88c97-b76c-4b23-866a-e35d41ca54ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2062 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=08b88c97-b76c-4b23-866a-e35d41ca54ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2061 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=08b88c97-b76c-4b23-866a-e35d41ca54ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2060 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=08b88c97-b76c-4b23-866a-e35d41ca54ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2059 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=08b88c97-b76c-4b23-866a-e35d41ca54ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2058 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=08b88c97-b76c-4b23-866a-e35d41ca54ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2057 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=08b88c97-b76c-4b23-866a-e35d41ca54ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2056 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=696d27da-e746-44e2-be89-99069053dea7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7f07fa27-1aa1-4c9d-8e77-5af3676159db
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2055 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=696d27da-e746-44e2-be89-99069053dea7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2054 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=696d27da-e746-44e2-be89-99069053dea7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2053 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=696d27da-e746-44e2-be89-99069053dea7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2052 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=696d27da-e746-44e2-be89-99069053dea7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2051 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=696d27da-e746-44e2-be89-99069053dea7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2050 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=696d27da-e746-44e2-be89-99069053dea7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2049 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=477aad11-3e4c-4674-8317-6f0a63885afb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d08e49e8-1341-408e-affb-67b9860d7f78
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2048 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8d20ca64-bbd9-4817-8179-189c1830fba4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABjAGkAbgBkAGUAcgBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=5.1.14393.1944
RunspaceId=78975781-4a31-40c2-821c-4df9e43b8249
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2047 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8d20ca64-bbd9-4817-8179-189c1830fba4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABjAGkAbgBkAGUAcgBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=5.1.14393.1944
RunspaceId=78975781-4a31-40c2-821c-4df9e43b8249
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2046 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8d20ca64-bbd9-4817-8179-189c1830fba4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABjAGkAbgBkAGUAcgBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2045 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8d20ca64-bbd9-4817-8179-189c1830fba4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABjAGkAbgBkAGUAcgBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2044 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8d20ca64-bbd9-4817-8179-189c1830fba4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABjAGkAbgBkAGUAcgBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2043 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8d20ca64-bbd9-4817-8179-189c1830fba4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABjAGkAbgBkAGUAcgBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2042 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8d20ca64-bbd9-4817-8179-189c1830fba4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABjAGkAbgBkAGUAcgBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2041 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8d20ca64-bbd9-4817-8179-189c1830fba4
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXABjAGkAbgBkAGUAcgBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2040 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=065f5131-40fb-4447-881a-a790f4492ff3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=75e85947-f963-4d81-ba7f-a9d1dbfa536d
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 2039 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=065f5131-40fb-4447-881a-a790f4492ff3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=75e85947-f963-4d81-ba7f-a9d1dbfa536d
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2038 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=065f5131-40fb-4447-881a-a790f4492ff3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2037 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=065f5131-40fb-4447-881a-a790f4492ff3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2036 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=065f5131-40fb-4447-881a-a790f4492ff3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2035 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=065f5131-40fb-4447-881a-a790f4492ff3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2034 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=065f5131-40fb-4447-881a-a790f4492ff3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2033 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=065f5131-40fb-4447-881a-a790f4492ff3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2032 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=065f5131-40fb-4447-881a-a790f4492ff3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2031 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=065f5131-40fb-4447-881a-a790f4492ff3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2030 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=477aad11-3e4c-4674-8317-6f0a63885afb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d08e49e8-1341-408e-affb-67b9860d7f78
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2029 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=477aad11-3e4c-4674-8317-6f0a63885afb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2028 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=477aad11-3e4c-4674-8317-6f0a63885afb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2027 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=477aad11-3e4c-4674-8317-6f0a63885afb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2026 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=477aad11-3e4c-4674-8317-6f0a63885afb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2025 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=477aad11-3e4c-4674-8317-6f0a63885afb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2024 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=477aad11-3e4c-4674-8317-6f0a63885afb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2023 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=91809ca1-0551-4452-8d22-61cb9000e33d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAwAEEARABBAEEATQB3AEEAdQBBAEQARQBBAE4AUQBBAHQAQQBEAEkAQQBOAGcAQQAzAEEARABJAEEATwBBAEEANQBBAEQAawBBAE0AZwBBADMAQQBEAEUAQQBNAFEAQQAwAEEARABJAEEATgBnAEEAMgBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=1fc9c5a6-dd5a-4400-a380-9750a6f8dd56
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2022 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d01dc02a-b782-403f-bc4d-234be2bdc68f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA0ADAAMwAuADEANQAtADIANgA3ADIAOAA5ADkAMgA3ADEAMQA0ADIANgA2ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=9c3ae208-8aa4-4282-9d6d-01d0593b5e61
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2021 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d01dc02a-b782-403f-bc4d-234be2bdc68f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA0ADAAMwAuADEANQAtADIANgA3ADIAOAA5ADkAMgA3ADEAMQA0ADIANgA2ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=9c3ae208-8aa4-4282-9d6d-01d0593b5e61
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2020 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d01dc02a-b782-403f-bc4d-234be2bdc68f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA0ADAAMwAuADEANQAtADIANgA3ADIAOAA5ADkAMgA3ADEAMQA0ADIANgA2ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2019 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d01dc02a-b782-403f-bc4d-234be2bdc68f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA0ADAAMwAuADEANQAtADIANgA3ADIAOAA5ADkAMgA3ADEAMQA0ADIANgA2ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2018 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d01dc02a-b782-403f-bc4d-234be2bdc68f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA0ADAAMwAuADEANQAtADIANgA3ADIAOAA5ADkAMgA3ADEAMQA0ADIANgA2ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2017 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d01dc02a-b782-403f-bc4d-234be2bdc68f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA0ADAAMwAuADEANQAtADIANgA3ADIAOAA5ADkAMgA3ADEAMQA0ADIANgA2ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2016 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d01dc02a-b782-403f-bc4d-234be2bdc68f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA0ADAAMwAuADEANQAtADIANgA3ADIAOAA5ADkAMgA3ADEAMQA0ADIANgA2ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2015 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d01dc02a-b782-403f-bc4d-234be2bdc68f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA0ADAAMwAuADEANQAtADIANgA3ADIAOAA5ADkAMgA3ADEAMQA0ADIANgA2ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2014 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=91809ca1-0551-4452-8d22-61cb9000e33d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAwAEEARABBAEEATQB3AEEAdQBBAEQARQBBAE4AUQBBAHQAQQBEAEkAQQBOAGcAQQAzAEEARABJAEEATwBBAEEANQBBAEQAawBBAE0AZwBBADMAQQBEAEUAQQBNAFEAQQAwAEEARABJAEEATgBnAEEAMgBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=1fc9c5a6-dd5a-4400-a380-9750a6f8dd56
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2013 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=91809ca1-0551-4452-8d22-61cb9000e33d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAwAEEARABBAEEATQB3AEEAdQBBAEQARQBBAE4AUQBBAHQAQQBEAEkAQQBOAGcAQQAzAEEARABJAEEATwBBAEEANQBBAEQAawBBAE0AZwBBADMAQQBEAEUAQQBNAFEAQQAwAEEARABJAEEATgBnAEEAMgBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2012 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=91809ca1-0551-4452-8d22-61cb9000e33d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAwAEEARABBAEEATQB3AEEAdQBBAEQARQBBAE4AUQBBAHQAQQBEAEkAQQBOAGcAQQAzAEEARABJAEEATwBBAEEANQBBAEQAawBBAE0AZwBBADMAQQBEAEUAQQBNAFEAQQAwAEEARABJAEEATgBnAEEAMgBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2011 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=91809ca1-0551-4452-8d22-61cb9000e33d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAwAEEARABBAEEATQB3AEEAdQBBAEQARQBBAE4AUQBBAHQAQQBEAEkAQQBOAGcAQQAzAEEARABJAEEATwBBAEEANQBBAEQAawBBAE0AZwBBADMAQQBEAEUAQQBNAFEAQQAwAEEARABJAEEATgBnAEEAMgBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2010 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=91809ca1-0551-4452-8d22-61cb9000e33d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAwAEEARABBAEEATQB3AEEAdQBBAEQARQBBAE4AUQBBAHQAQQBEAEkAQQBOAGcAQQAzAEEARABJAEEATwBBAEEANQBBAEQAawBBAE0AZwBBADMAQQBEAEUAQQBNAFEAQQAwAEEARABJAEEATgBnAEEAMgBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2009 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=91809ca1-0551-4452-8d22-61cb9000e33d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAwAEEARABBAEEATQB3AEEAdQBBAEQARQBBAE4AUQBBAHQAQQBEAEkAQQBOAGcAQQAzAEEARABJAEEATwBBAEEANQBBAEQAawBBAE0AZwBBADMAQQBEAEUAQQBNAFEAQQAwAEEARABJAEEATgBnAEEAMgBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2008 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=91809ca1-0551-4452-8d22-61cb9000e33d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQAwAEEARABBAEEATQB3AEEAdQBBAEQARQBBAE4AUQBBAHQAQQBEAEkAQQBOAGcAQQAzAEEARABJAEEATwBBAEEANQBBAEQAawBBAE0AZwBBADMAQQBEAEUAQQBNAFEAQQAwAEEARABJAEEATgBnAEEAMgBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2007 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ff24a08f-652b-4ab8-945a-d836f7ac46b5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=6a1567c3-b34d-442c-89e7-09a29149ee3f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 2006 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=981dbd6d-fc9c-4c50-85d8-c1d062c95dbb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=11ae0d4f-3049-465e-9cfe-09ca54b85feb
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 2005 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=981dbd6d-fc9c-4c50-85d8-c1d062c95dbb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2004 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=981dbd6d-fc9c-4c50-85d8-c1d062c95dbb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2003 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=981dbd6d-fc9c-4c50-85d8-c1d062c95dbb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2002 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=981dbd6d-fc9c-4c50-85d8-c1d062c95dbb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2001 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=981dbd6d-fc9c-4c50-85d8-c1d062c95dbb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2000 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=981dbd6d-fc9c-4c50-85d8-c1d062c95dbb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1999 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=981dbd6d-fc9c-4c50-85d8-c1d062c95dbb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1998 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=981dbd6d-fc9c-4c50-85d8-c1d062c95dbb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1997 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ff24a08f-652b-4ab8-945a-d836f7ac46b5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=6a1567c3-b34d-442c-89e7-09a29149ee3f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1996 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ff24a08f-652b-4ab8-945a-d836f7ac46b5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1995 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ff24a08f-652b-4ab8-945a-d836f7ac46b5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1994 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ff24a08f-652b-4ab8-945a-d836f7ac46b5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1993 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ff24a08f-652b-4ab8-945a-d836f7ac46b5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1992 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ff24a08f-652b-4ab8-945a-d836f7ac46b5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1991 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ff24a08f-652b-4ab8-945a-d836f7ac46b5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1990 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4155bba-be0c-4c51-b278-6896ea7a8cc0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA0ADAAMwAuADEANQAtADIANgA3ADIAOAA5ADkAMgA3ADEAMQA0ADIANgA2AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=13f20fcf-af1e-46c9-8aec-d0f9913dd1b0
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1989 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4155bba-be0c-4c51-b278-6896ea7a8cc0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA0ADAAMwAuADEANQAtADIANgA3ADIAOAA5ADkAMgA3ADEAMQA0ADIANgA2AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=13f20fcf-af1e-46c9-8aec-d0f9913dd1b0
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1988 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4155bba-be0c-4c51-b278-6896ea7a8cc0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA0ADAAMwAuADEANQAtADIANgA3ADIAOAA5ADkAMgA3ADEAMQA0ADIANgA2AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1987 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4155bba-be0c-4c51-b278-6896ea7a8cc0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA0ADAAMwAuADEANQAtADIANgA3ADIAOAA5ADkAMgA3ADEAMQA0ADIANgA2AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1986 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4155bba-be0c-4c51-b278-6896ea7a8cc0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA0ADAAMwAuADEANQAtADIANgA3ADIAOAA5ADkAMgA3ADEAMQA0ADIANgA2AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1985 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4155bba-be0c-4c51-b278-6896ea7a8cc0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA0ADAAMwAuADEANQAtADIANgA3ADIAOAA5ADkAMgA3ADEAMQA0ADIANgA2AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1984 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4155bba-be0c-4c51-b278-6896ea7a8cc0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA0ADAAMwAuADEANQAtADIANgA3ADIAOAA5ADkAMgA3ADEAMQA0ADIANgA2AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1983 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4155bba-be0c-4c51-b278-6896ea7a8cc0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwA0ADAAMwAuADEANQAtADIANgA3ADIAOAA5ADkAMgA3ADEAMQA0ADIANgA2AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1982 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b9d545fa-dd6f-4cf3-995b-7dbd3a1c733f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFEAQQBNAEEAQQB6AEEAQwA0AEEATQBRAEEAMQBBAEMAMABBAE0AZwBBADIAQQBEAGMAQQBNAGcAQQA0AEEARABrAEEATwBRAEEAeQBBAEQAYwBBAE0AUQBBAHgAQQBEAFEAQQBNAGcAQQAyAEEARABZAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=c6a3b364-f500-43ab-8631-7204a5abf3ef
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1981 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=90afc766-b051-4759-bcf8-d959199b9bd4
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADQAMAAzAC4AMQA1AC0AMgA2ADcAMgA4ADkAOQAyADcAMQAxADQAMgA2ADYAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=1d15913a-47c3-4437-a61a-9446865ded27
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1980 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=90afc766-b051-4759-bcf8-d959199b9bd4
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADQAMAAzAC4AMQA1AC0AMgA2ADcAMgA4ADkAOQAyADcAMQAxADQAMgA2ADYAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=1d15913a-47c3-4437-a61a-9446865ded27
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1979 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=90afc766-b051-4759-bcf8-d959199b9bd4
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADQAMAAzAC4AMQA1AC0AMgA2ADcAMgA4ADkAOQAyADcAMQAxADQAMgA2ADYAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1978 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=90afc766-b051-4759-bcf8-d959199b9bd4
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADQAMAAzAC4AMQA1AC0AMgA2ADcAMgA4ADkAOQAyADcAMQAxADQAMgA2ADYAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1977 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=90afc766-b051-4759-bcf8-d959199b9bd4
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADQAMAAzAC4AMQA1AC0AMgA2ADcAMgA4ADkAOQAyADcAMQAxADQAMgA2ADYAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1976 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=90afc766-b051-4759-bcf8-d959199b9bd4
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADQAMAAzAC4AMQA1AC0AMgA2ADcAMgA4ADkAOQAyADcAMQAxADQAMgA2ADYAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1975 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=90afc766-b051-4759-bcf8-d959199b9bd4
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADQAMAAzAC4AMQA1AC0AMgA2ADcAMgA4ADkAOQAyADcAMQAxADQAMgA2ADYAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1974 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=90afc766-b051-4759-bcf8-d959199b9bd4
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADQAMAAzAC4AMQA1AC0AMgA2ADcAMgA4ADkAOQAyADcAMQAxADQAMgA2ADYAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1973 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b9d545fa-dd6f-4cf3-995b-7dbd3a1c733f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFEAQQBNAEEAQQB6AEEAQwA0AEEATQBRAEEAMQBBAEMAMABBAE0AZwBBADIAQQBEAGMAQQBNAGcAQQA0AEEARABrAEEATwBRAEEAeQBBAEQAYwBBAE0AUQBBAHgAQQBEAFEAQQBNAGcAQQAyAEEARABZAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=c6a3b364-f500-43ab-8631-7204a5abf3ef
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1972 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b9d545fa-dd6f-4cf3-995b-7dbd3a1c733f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFEAQQBNAEEAQQB6AEEAQwA0AEEATQBRAEEAMQBBAEMAMABBAE0AZwBBADIAQQBEAGMAQQBNAGcAQQA0AEEARABrAEEATwBRAEEAeQBBAEQAYwBBAE0AUQBBAHgAQQBEAFEAQQBNAGcAQQAyAEEARABZAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1971 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b9d545fa-dd6f-4cf3-995b-7dbd3a1c733f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFEAQQBNAEEAQQB6AEEAQwA0AEEATQBRAEEAMQBBAEMAMABBAE0AZwBBADIAQQBEAGMAQQBNAGcAQQA0AEEARABrAEEATwBRAEEAeQBBAEQAYwBBAE0AUQBBAHgAQQBEAFEAQQBNAGcAQQAyAEEARABZAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1970 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b9d545fa-dd6f-4cf3-995b-7dbd3a1c733f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFEAQQBNAEEAQQB6AEEAQwA0AEEATQBRAEEAMQBBAEMAMABBAE0AZwBBADIAQQBEAGMAQQBNAGcAQQA0AEEARABrAEEATwBRAEEAeQBBAEQAYwBBAE0AUQBBAHgAQQBEAFEAQQBNAGcAQQAyAEEARABZAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1969 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b9d545fa-dd6f-4cf3-995b-7dbd3a1c733f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFEAQQBNAEEAQQB6AEEAQwA0AEEATQBRAEEAMQBBAEMAMABBAE0AZwBBADIAQQBEAGMAQQBNAGcAQQA0AEEARABrAEEATwBRAEEAeQBBAEQAYwBBAE0AUQBBAHgAQQBEAFEAQQBNAGcAQQAyAEEARABZAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1968 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b9d545fa-dd6f-4cf3-995b-7dbd3a1c733f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFEAQQBNAEEAQQB6AEEAQwA0AEEATQBRAEEAMQBBAEMAMABBAE0AZwBBADIAQQBEAGMAQQBNAGcAQQA0AEEARABrAEEATwBRAEEAeQBBAEQAYwBBAE0AUQBBAHgAQQBEAFEAQQBNAGcAQQAyAEEARABZAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1967 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b9d545fa-dd6f-4cf3-995b-7dbd3a1c733f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAFEAQQBNAEEAQQB6AEEAQwA0AEEATQBRAEEAMQBBAEMAMABBAE0AZwBBADIAQQBEAGMAQQBNAGcAQQA0AEEARABrAEEATwBRAEEAeQBBAEQAYwBBAE0AUQBBAHgAQQBEAFEAQQBNAGcAQQAyAEEARABZAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1966 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c922f9a2-5751-423c-ad35-1a99cb9b6424
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=c272a965-95ef-425b-9359-85e210941048
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1965 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f451e4b6-c1f4-417b-9ce8-1a7093c4ac3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=e3117c4c-f094-4933-aa23-b85feb37a490
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1964 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f451e4b6-c1f4-417b-9ce8-1a7093c4ac3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1963 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f451e4b6-c1f4-417b-9ce8-1a7093c4ac3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1962 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f451e4b6-c1f4-417b-9ce8-1a7093c4ac3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1961 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f451e4b6-c1f4-417b-9ce8-1a7093c4ac3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1960 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f451e4b6-c1f4-417b-9ce8-1a7093c4ac3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1959 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f451e4b6-c1f4-417b-9ce8-1a7093c4ac3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1958 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f451e4b6-c1f4-417b-9ce8-1a7093c4ac3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1957 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f451e4b6-c1f4-417b-9ce8-1a7093c4ac3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1956 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c922f9a2-5751-423c-ad35-1a99cb9b6424
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=c272a965-95ef-425b-9359-85e210941048
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1955 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c922f9a2-5751-423c-ad35-1a99cb9b6424
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1954 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c922f9a2-5751-423c-ad35-1a99cb9b6424
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1953 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c922f9a2-5751-423c-ad35-1a99cb9b6424
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1952 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c922f9a2-5751-423c-ad35-1a99cb9b6424
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1951 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c922f9a2-5751-423c-ad35-1a99cb9b6424
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1950 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c922f9a2-5751-423c-ad35-1a99cb9b6424
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1949 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=dfc3b70a-0fc2-4ce7-a2b9-49df6dbb9341
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=942e3abc-f6f5-45fb-b4b2-aa27dc2f4a6f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1948 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb22df65-e115-4d90-9761-89dd97e3dfa5
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAA==
EngineVersion=5.1.14393.1944
RunspaceId=597f44e0-34f5-4edc-83a9-36728d6b55f5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1947 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb22df65-e115-4d90-9761-89dd97e3dfa5
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAA==
EngineVersion=5.1.14393.1944
RunspaceId=597f44e0-34f5-4edc-83a9-36728d6b55f5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1946 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb22df65-e115-4d90-9761-89dd97e3dfa5
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1945 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb22df65-e115-4d90-9761-89dd97e3dfa5
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1944 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb22df65-e115-4d90-9761-89dd97e3dfa5
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1943 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb22df65-e115-4d90-9761-89dd97e3dfa5
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1942 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb22df65-e115-4d90-9761-89dd97e3dfa5
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1941 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb22df65-e115-4d90-9761-89dd97e3dfa5
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIAAtAGUAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1940 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e1c885f2-82f1-4e85-b089-735a1f6524e1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d3a232f3-2e1b-4cf0-8196-befdb16a993e
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1939 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e1c885f2-82f1-4e85-b089-735a1f6524e1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d3a232f3-2e1b-4cf0-8196-befdb16a993e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1938 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e1c885f2-82f1-4e85-b089-735a1f6524e1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1937 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e1c885f2-82f1-4e85-b089-735a1f6524e1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1936 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e1c885f2-82f1-4e85-b089-735a1f6524e1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1935 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e1c885f2-82f1-4e85-b089-735a1f6524e1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1934 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e1c885f2-82f1-4e85-b089-735a1f6524e1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1933 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e1c885f2-82f1-4e85-b089-735a1f6524e1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1932 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e1c885f2-82f1-4e85-b089-735a1f6524e1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1931 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e1c885f2-82f1-4e85-b089-735a1f6524e1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1930 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=dfc3b70a-0fc2-4ce7-a2b9-49df6dbb9341
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=942e3abc-f6f5-45fb-b4b2-aa27dc2f4a6f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1929 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=dfc3b70a-0fc2-4ce7-a2b9-49df6dbb9341
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1928 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=dfc3b70a-0fc2-4ce7-a2b9-49df6dbb9341
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1927 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=dfc3b70a-0fc2-4ce7-a2b9-49df6dbb9341
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1926 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=dfc3b70a-0fc2-4ce7-a2b9-49df6dbb9341
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1925 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=dfc3b70a-0fc2-4ce7-a2b9-49df6dbb9341
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1924 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=dfc3b70a-0fc2-4ce7-a2b9-49df6dbb9341
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1923 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=46c1bad1-b36f-4f57-bf93-958013908493
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=4c03563b-d180-4a79-bd35-fd0167185397
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1922 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6a64abb-33d5-4106-932b-303d11d13309
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=5.1.14393.1944
RunspaceId=6cd94f6b-6027-42f3-874d-6ed8fa8c60f5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1921 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6a64abb-33d5-4106-932b-303d11d13309
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=5.1.14393.1944
RunspaceId=6cd94f6b-6027-42f3-874d-6ed8fa8c60f5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1920 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6a64abb-33d5-4106-932b-303d11d13309
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1919 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6a64abb-33d5-4106-932b-303d11d13309
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1918 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6a64abb-33d5-4106-932b-303d11d13309
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1917 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6a64abb-33d5-4106-932b-303d11d13309
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1916 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6a64abb-33d5-4106-932b-303d11d13309
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1915 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6a64abb-33d5-4106-932b-303d11d13309
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABTAGUAbABlAGMAdAAtAFMAdAByAGkAbgBnACAALQBwAGEAdABoACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAcwBlAHQAdQBwAC4AYwBmAGcAIAAtAHAAYQB0AHQAZQByAG4AIAAiAF4AbgBhAG0AZQAuACoAPQAuACoAIgAgAHwAIAAlACAAewAkAF8ALgBtAGEAdABjAGgAZQBzAC4AdgBhAGwAdQBlAC4AcwBwAGwAaQB0ACgAIgA9ACIAKQBbADEAXQAuAHQAcgBpAG0AKAApAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1914 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=35245022-5780-478b-b42b-d76f0b16f7b3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=1b5c8eb8-ac08-46a9-a7ea-a8240d560fcb
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1913 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=35245022-5780-478b-b42b-d76f0b16f7b3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=1b5c8eb8-ac08-46a9-a7ea-a8240d560fcb
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1912 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=35245022-5780-478b-b42b-d76f0b16f7b3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1911 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=35245022-5780-478b-b42b-d76f0b16f7b3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1910 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=35245022-5780-478b-b42b-d76f0b16f7b3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1909 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=35245022-5780-478b-b42b-d76f0b16f7b3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1908 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=35245022-5780-478b-b42b-d76f0b16f7b3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1907 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=35245022-5780-478b-b42b-d76f0b16f7b3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1906 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=35245022-5780-478b-b42b-d76f0b16f7b3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1905 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=35245022-5780-478b-b42b-d76f0b16f7b3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1904 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=46c1bad1-b36f-4f57-bf93-958013908493
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=4c03563b-d180-4a79-bd35-fd0167185397
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1903 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=46c1bad1-b36f-4f57-bf93-958013908493
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1902 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=46c1bad1-b36f-4f57-bf93-958013908493
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1901 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=46c1bad1-b36f-4f57-bf93-958013908493
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1900 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=46c1bad1-b36f-4f57-bf93-958013908493
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1899 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=46c1bad1-b36f-4f57-bf93-958013908493
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1898 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=46c1bad1-b36f-4f57-bf93-958013908493
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1897 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0129c395-323f-4534-b45c-bfcf14acaead
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=6f374222-4041-48a4-b7d0-35a4db1c954a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1896 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c1872670-614e-4f68-953b-97f9b2ed0453
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIABwAHkAdwBpAG4AMwAyACAAcABiAHIAIABwAHkAbQB5AHMAcQBsACAAbwB2AHMA
EngineVersion=5.1.14393.1944
RunspaceId=6264e241-aa4d-46db-9503-64be3a7caae8
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1895 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:56:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c1872670-614e-4f68-953b-97f9b2ed0453
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIABwAHkAdwBpAG4AMwAyACAAcABiAHIAIABwAHkAbQB5AHMAcQBsACAAbwB2AHMA
EngineVersion=5.1.14393.1944
RunspaceId=6264e241-aa4d-46db-9503-64be3a7caae8
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1894 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c1872670-614e-4f68-953b-97f9b2ed0453
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIABwAHkAdwBpAG4AMwAyACAAcABiAHIAIABwAHkAbQB5AHMAcQBsACAAbwB2AHMA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1893 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c1872670-614e-4f68-953b-97f9b2ed0453
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIABwAHkAdwBpAG4AMwAyACAAcABiAHIAIABwAHkAbQB5AHMAcQBsACAAbwB2AHMA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1892 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c1872670-614e-4f68-953b-97f9b2ed0453
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIABwAHkAdwBpAG4AMwAyACAAcABiAHIAIABwAHkAbQB5AHMAcQBsACAAbwB2AHMA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1891 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c1872670-614e-4f68-953b-97f9b2ed0453
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIABwAHkAdwBpAG4AMwAyACAAcABiAHIAIABwAHkAbQB5AHMAcQBsACAAbwB2AHMA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1890 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c1872670-614e-4f68-953b-97f9b2ed0453
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIABwAHkAdwBpAG4AMwAyACAAcABiAHIAIABwAHkAbQB5AHMAcQBsACAAbwB2AHMA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1889 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c1872670-614e-4f68-953b-97f9b2ed0453
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIABwAHkAdwBpAG4AMwAyACAAcABiAHIAIABwAHkAbQB5AHMAcQBsACAAbwB2AHMA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1888 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=433dd806-eb69-4dea-85fa-c7b2a57d1f25
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f08b6bb9-4ec1-4b34-b3a3-4d5b1d220aa3
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1887 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=433dd806-eb69-4dea-85fa-c7b2a57d1f25
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f08b6bb9-4ec1-4b34-b3a3-4d5b1d220aa3
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1886 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=433dd806-eb69-4dea-85fa-c7b2a57d1f25
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1885 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=433dd806-eb69-4dea-85fa-c7b2a57d1f25
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1884 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=433dd806-eb69-4dea-85fa-c7b2a57d1f25
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1883 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=433dd806-eb69-4dea-85fa-c7b2a57d1f25
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1882 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=433dd806-eb69-4dea-85fa-c7b2a57d1f25
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1881 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=433dd806-eb69-4dea-85fa-c7b2a57d1f25
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1880 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=433dd806-eb69-4dea-85fa-c7b2a57d1f25
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1879 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=433dd806-eb69-4dea-85fa-c7b2a57d1f25
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1878 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0129c395-323f-4534-b45c-bfcf14acaead
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=6f374222-4041-48a4-b7d0-35a4db1c954a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1877 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0129c395-323f-4534-b45c-bfcf14acaead
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1876 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0129c395-323f-4534-b45c-bfcf14acaead
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1875 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0129c395-323f-4534-b45c-bfcf14acaead
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1874 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0129c395-323f-4534-b45c-bfcf14acaead
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1873 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0129c395-323f-4534-b45c-bfcf14acaead
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1872 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0129c395-323f-4534-b45c-bfcf14acaead
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1871 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4eb52e15-2c66-4a98-aace-5b6e17d719ac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=cc544b71-3757-45b7-8731-95e609d219f1
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1870 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=90ee7024-f2a0-4fd5-9523-434dfcac9052
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIABzAGUAdAB1AHAAdABvAG8AbABzAA==
EngineVersion=5.1.14393.1944
RunspaceId=ed5b219d-3a82-45cc-a8b0-834f64518aaf
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1869 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=90ee7024-f2a0-4fd5-9523-434dfcac9052
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIABzAGUAdAB1AHAAdABvAG8AbABzAA==
EngineVersion=5.1.14393.1944
RunspaceId=ed5b219d-3a82-45cc-a8b0-834f64518aaf
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1868 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=90ee7024-f2a0-4fd5-9523-434dfcac9052
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIABzAGUAdAB1AHAAdABvAG8AbABzAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1867 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=90ee7024-f2a0-4fd5-9523-434dfcac9052
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIABzAGUAdAB1AHAAdABvAG8AbABzAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1866 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=90ee7024-f2a0-4fd5-9523-434dfcac9052
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIABzAGUAdAB1AHAAdABvAG8AbABzAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1865 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=90ee7024-f2a0-4fd5-9523-434dfcac9052
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIABzAGUAdAB1AHAAdABvAG8AbABzAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1864 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=90ee7024-f2a0-4fd5-9523-434dfcac9052
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIABzAGUAdAB1AHAAdABvAG8AbABzAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1863 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=90ee7024-f2a0-4fd5-9523-434dfcac9052
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAGkAcAAgAGkAbgBzAHQAYQBsAGwAIAAtAGMAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAIAAtAFUAIABzAGUAdAB1AHAAdABvAG8AbABzAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1862 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e303f424-9e11-45dc-9129-163fb35a57cd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=a5d9f587-8c9b-41a6-b21e-86b1f81ab3a1
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1861 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e303f424-9e11-45dc-9129-163fb35a57cd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=a5d9f587-8c9b-41a6-b21e-86b1f81ab3a1
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1860 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e303f424-9e11-45dc-9129-163fb35a57cd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1859 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e303f424-9e11-45dc-9129-163fb35a57cd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1858 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e303f424-9e11-45dc-9129-163fb35a57cd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1857 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e303f424-9e11-45dc-9129-163fb35a57cd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1856 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e303f424-9e11-45dc-9129-163fb35a57cd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1855 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e303f424-9e11-45dc-9129-163fb35a57cd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1854 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e303f424-9e11-45dc-9129-163fb35a57cd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1853 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e303f424-9e11-45dc-9129-163fb35a57cd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1852 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4eb52e15-2c66-4a98-aace-5b6e17d719ac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=cc544b71-3757-45b7-8731-95e609d219f1
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1851 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4eb52e15-2c66-4a98-aace-5b6e17d719ac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1850 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4eb52e15-2c66-4a98-aace-5b6e17d719ac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1849 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4eb52e15-2c66-4a98-aace-5b6e17d719ac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1848 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4eb52e15-2c66-4a98-aace-5b6e17d719ac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1847 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4eb52e15-2c66-4a98-aace-5b6e17d719ac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1846 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4eb52e15-2c66-4a98-aace-5b6e17d719ac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1845 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9b9943ab-215d-4f03-800a-b474b384de2b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=bedb1778-aad5-4bb2-971d-101abbba728d
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1844 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:33 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=04ddbd78-1466-4207-8fca-ff98d3d4588c
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIAAoAGcAYwAgAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAYgB1AGkAbABkAFwAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAKQAgAC0AcgBlAHAAbABhAGMAZQAgACIAXgB5AGEAcABwAGkALgAqACIALAAgACIAeQBhAHAAcABpAD0APQA9ADEALgAzAC4AMwAiACAAfAAgAFMAZQB0AC0AQwBvAG4AdABlAG4AdAAgAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAYgB1AGkAbABkAFwAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQA
EngineVersion=5.1.14393.1944
RunspaceId=507905f6-8ba8-4b5e-b997-10ae169210c5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1843 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=04ddbd78-1466-4207-8fca-ff98d3d4588c
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIAAoAGcAYwAgAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAYgB1AGkAbABkAFwAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAKQAgAC0AcgBlAHAAbABhAGMAZQAgACIAXgB5AGEAcABwAGkALgAqACIALAAgACIAeQBhAHAAcABpAD0APQA9ADEALgAzAC4AMwAiACAAfAAgAFMAZQB0AC0AQwBvAG4AdABlAG4AdAAgAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAYgB1AGkAbABkAFwAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQA
EngineVersion=5.1.14393.1944
RunspaceId=507905f6-8ba8-4b5e-b997-10ae169210c5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1842 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=04ddbd78-1466-4207-8fca-ff98d3d4588c
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIAAoAGcAYwAgAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAYgB1AGkAbABkAFwAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAKQAgAC0AcgBlAHAAbABhAGMAZQAgACIAXgB5AGEAcABwAGkALgAqACIALAAgACIAeQBhAHAAcABpAD0APQA9ADEALgAzAC4AMwAiACAAfAAgAFMAZQB0AC0AQwBvAG4AdABlAG4AdAAgAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAYgB1AGkAbABkAFwAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1841 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=04ddbd78-1466-4207-8fca-ff98d3d4588c
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIAAoAGcAYwAgAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAYgB1AGkAbABkAFwAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAKQAgAC0AcgBlAHAAbABhAGMAZQAgACIAXgB5AGEAcABwAGkALgAqACIALAAgACIAeQBhAHAAcABpAD0APQA9ADEALgAzAC4AMwAiACAAfAAgAFMAZQB0AC0AQwBvAG4AdABlAG4AdAAgAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAYgB1AGkAbABkAFwAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1840 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=04ddbd78-1466-4207-8fca-ff98d3d4588c
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIAAoAGcAYwAgAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAYgB1AGkAbABkAFwAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAKQAgAC0AcgBlAHAAbABhAGMAZQAgACIAXgB5AGEAcABwAGkALgAqACIALAAgACIAeQBhAHAAcABpAD0APQA9ADEALgAzAC4AMwAiACAAfAAgAFMAZQB0AC0AQwBvAG4AdABlAG4AdAAgAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAYgB1AGkAbABkAFwAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1839 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=04ddbd78-1466-4207-8fca-ff98d3d4588c
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIAAoAGcAYwAgAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAYgB1AGkAbABkAFwAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAKQAgAC0AcgBlAHAAbABhAGMAZQAgACIAXgB5AGEAcABwAGkALgAqACIALAAgACIAeQBhAHAAcABpAD0APQA9ADEALgAzAC4AMwAiACAAfAAgAFMAZQB0AC0AQwBvAG4AdABlAG4AdAAgAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAYgB1AGkAbABkAFwAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1838 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=04ddbd78-1466-4207-8fca-ff98d3d4588c
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIAAoAGcAYwAgAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAYgB1AGkAbABkAFwAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAKQAgAC0AcgBlAHAAbABhAGMAZQAgACIAXgB5AGEAcABwAGkALgAqACIALAAgACIAeQBhAHAAcABpAD0APQA9ADEALgAzAC4AMwAiACAAfAAgAFMAZQB0AC0AQwBvAG4AdABlAG4AdAAgAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAYgB1AGkAbABkAFwAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1837 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=04ddbd78-1466-4207-8fca-ff98d3d4588c
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIAAoAGcAYwAgAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAYgB1AGkAbABkAFwAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQAKQAgAC0AcgBlAHAAbABhAGMAZQAgACIAXgB5AGEAcABwAGkALgAqACIALAAgACIAeQBhAHAAcABpAD0APQA9ADEALgAzAC4AMwAiACAAfAAgAFMAZQB0AC0AQwBvAG4AdABlAG4AdAAgAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAYgB1AGkAbABkAFwAXAByAGUAcQB1AGkAcgBlAG0AZQBuAHQAcwBcAFwAdQBwAHAAZQByAC0AYwBvAG4AcwB0AHIAYQBpAG4AdABzAC4AdAB4AHQA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1836 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=de87881a-9864-4812-842a-b114db89e632
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=4c023677-a3fe-43b1-a1e8-0cbb8d5030ad
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1835 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=de87881a-9864-4812-842a-b114db89e632
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=4c023677-a3fe-43b1-a1e8-0cbb8d5030ad
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1834 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=de87881a-9864-4812-842a-b114db89e632
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1833 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=de87881a-9864-4812-842a-b114db89e632
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1832 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=de87881a-9864-4812-842a-b114db89e632
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1831 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=de87881a-9864-4812-842a-b114db89e632
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1830 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=de87881a-9864-4812-842a-b114db89e632
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1829 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=de87881a-9864-4812-842a-b114db89e632
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1828 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=de87881a-9864-4812-842a-b114db89e632
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1827 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=de87881a-9864-4812-842a-b114db89e632
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1826 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9b9943ab-215d-4f03-800a-b474b384de2b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=bedb1778-aad5-4bb2-971d-101abbba728d
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1825 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9b9943ab-215d-4f03-800a-b474b384de2b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1824 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9b9943ab-215d-4f03-800a-b474b384de2b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1823 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9b9943ab-215d-4f03-800a-b474b384de2b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1822 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9b9943ab-215d-4f03-800a-b474b384de2b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1821 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9b9943ab-215d-4f03-800a-b474b384de2b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1820 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9b9943ab-215d-4f03-800a-b474b384de2b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1819 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22abb891-3266-4fe0-be3d-4b0987976375
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQB6AEEARABJAEEATgBRAEEAdQBBAEQAUQBBAE0AZwBBAHQAQQBEAEUAQQBNAGcAQQB3AEEARABFAEEATQB3AEEANABBAEQAYwBBAE0AZwBBADMAQQBEAFUAQQBNAGcAQQA1AEEARABJAEEATQBRAEEAegBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=3d989c8a-5f28-4312-a080-a33edf6908d1
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1818 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e0e82399-7605-494f-b435-684a7f64bd58
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwAzADIANQAuADQAMgAtADEAMgAwADEAMwA4ADcAMgA3ADUAMgA5ADIAMQAzACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=153857a4-b23e-4996-8aa0-85f9dd64375f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1817 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e0e82399-7605-494f-b435-684a7f64bd58
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwAzADIANQAuADQAMgAtADEAMgAwADEAMwA4ADcAMgA3ADUAMgA5ADIAMQAzACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=153857a4-b23e-4996-8aa0-85f9dd64375f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1816 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e0e82399-7605-494f-b435-684a7f64bd58
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwAzADIANQAuADQAMgAtADEAMgAwADEAMwA4ADcAMgA3ADUAMgA5ADIAMQAzACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1815 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e0e82399-7605-494f-b435-684a7f64bd58
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwAzADIANQAuADQAMgAtADEAMgAwADEAMwA4ADcAMgA3ADUAMgA5ADIAMQAzACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1814 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e0e82399-7605-494f-b435-684a7f64bd58
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwAzADIANQAuADQAMgAtADEAMgAwADEAMwA4ADcAMgA3ADUAMgA5ADIAMQAzACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1813 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e0e82399-7605-494f-b435-684a7f64bd58
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwAzADIANQAuADQAMgAtADEAMgAwADEAMwA4ADcAMgA3ADUAMgA5ADIAMQAzACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1812 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e0e82399-7605-494f-b435-684a7f64bd58
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwAzADIANQAuADQAMgAtADEAMgAwADEAMwA4ADcAMgA3ADUAMgA5ADIAMQAzACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1811 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e0e82399-7605-494f-b435-684a7f64bd58
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwAzADIANQAuADQAMgAtADEAMgAwADEAMwA4ADcAMgA3ADUAMgA5ADIAMQAzACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1810 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22abb891-3266-4fe0-be3d-4b0987976375
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQB6AEEARABJAEEATgBRAEEAdQBBAEQAUQBBAE0AZwBBAHQAQQBEAEUAQQBNAGcAQQB3AEEARABFAEEATQB3AEEANABBAEQAYwBBAE0AZwBBADMAQQBEAFUAQQBNAGcAQQA1AEEARABJAEEATQBRAEEAegBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=3d989c8a-5f28-4312-a080-a33edf6908d1
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1809 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22abb891-3266-4fe0-be3d-4b0987976375
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQB6AEEARABJAEEATgBRAEEAdQBBAEQAUQBBAE0AZwBBAHQAQQBEAEUAQQBNAGcAQQB3AEEARABFAEEATQB3AEEANABBAEQAYwBBAE0AZwBBADMAQQBEAFUAQQBNAGcAQQA1AEEARABJAEEATQBRAEEAegBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1808 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22abb891-3266-4fe0-be3d-4b0987976375
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQB6AEEARABJAEEATgBRAEEAdQBBAEQAUQBBAE0AZwBBAHQAQQBEAEUAQQBNAGcAQQB3AEEARABFAEEATQB3AEEANABBAEQAYwBBAE0AZwBBADMAQQBEAFUAQQBNAGcAQQA1AEEARABJAEEATQBRAEEAegBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1807 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22abb891-3266-4fe0-be3d-4b0987976375
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQB6AEEARABJAEEATgBRAEEAdQBBAEQAUQBBAE0AZwBBAHQAQQBEAEUAQQBNAGcAQQB3AEEARABFAEEATQB3AEEANABBAEQAYwBBAE0AZwBBADMAQQBEAFUAQQBNAGcAQQA1AEEARABJAEEATQBRAEEAegBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1806 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22abb891-3266-4fe0-be3d-4b0987976375
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQB6AEEARABJAEEATgBRAEEAdQBBAEQAUQBBAE0AZwBBAHQAQQBEAEUAQQBNAGcAQQB3AEEARABFAEEATQB3AEEANABBAEQAYwBBAE0AZwBBADMAQQBEAFUAQQBNAGcAQQA1AEEARABJAEEATQBRAEEAegBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1805 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22abb891-3266-4fe0-be3d-4b0987976375
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQB6AEEARABJAEEATgBRAEEAdQBBAEQAUQBBAE0AZwBBAHQAQQBEAEUAQQBNAGcAQQB3AEEARABFAEEATQB3AEEANABBAEQAYwBBAE0AZwBBADMAQQBEAFUAQQBNAGcAQQA1AEEARABJAEEATQBRAEEAegBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1804 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=22abb891-3266-4fe0-be3d-4b0987976375
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAHcAQQB6AEEARABJAEEATgBRAEEAdQBBAEQAUQBBAE0AZwBBAHQAQQBEAEUAQQBNAGcAQQB3AEEARABFAEEATQB3AEEANABBAEQAYwBBAE0AZwBBADMAQQBEAFUAQQBNAGcAQQA1AEEARABJAEEATQBRAEEAegBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1803 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2b25d3ff-aa31-424c-af31-7f84ab548e0e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=a0e5c594-23de-4131-bb8d-46cc764ae182
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1802 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=aa908a26-3026-4de0-8878-393d4a45b866
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=3e7d0a00-2577-4f51-8046-42a693e043c6
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1801 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=aa908a26-3026-4de0-8878-393d4a45b866
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1800 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=aa908a26-3026-4de0-8878-393d4a45b866
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1799 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=aa908a26-3026-4de0-8878-393d4a45b866
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1798 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=aa908a26-3026-4de0-8878-393d4a45b866
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1797 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=aa908a26-3026-4de0-8878-393d4a45b866
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1796 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=aa908a26-3026-4de0-8878-393d4a45b866
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1795 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=aa908a26-3026-4de0-8878-393d4a45b866
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1794 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=aa908a26-3026-4de0-8878-393d4a45b866
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1793 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2b25d3ff-aa31-424c-af31-7f84ab548e0e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=a0e5c594-23de-4131-bb8d-46cc764ae182
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1792 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2b25d3ff-aa31-424c-af31-7f84ab548e0e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1791 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2b25d3ff-aa31-424c-af31-7f84ab548e0e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1790 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2b25d3ff-aa31-424c-af31-7f84ab548e0e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1789 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2b25d3ff-aa31-424c-af31-7f84ab548e0e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1788 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2b25d3ff-aa31-424c-af31-7f84ab548e0e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1787 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2b25d3ff-aa31-424c-af31-7f84ab548e0e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1786 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=82f93fb8-6635-42b7-9a6a-4e829dbcc95c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwAzADIANQAuADQAMgAtADEAMgAwADEAMwA4ADcAMgA3ADUAMgA5ADIAMQAzAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=c99f6f11-4755-45a7-a9db-a16eec8d2d92
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1785 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=82f93fb8-6635-42b7-9a6a-4e829dbcc95c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwAzADIANQAuADQAMgAtADEAMgAwADEAMwA4ADcAMgA3ADUAMgA5ADIAMQAzAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=c99f6f11-4755-45a7-a9db-a16eec8d2d92
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1784 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=82f93fb8-6635-42b7-9a6a-4e829dbcc95c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwAzADIANQAuADQAMgAtADEAMgAwADEAMwA4ADcAMgA3ADUAMgA5ADIAMQAzAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1783 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=82f93fb8-6635-42b7-9a6a-4e829dbcc95c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwAzADIANQAuADQAMgAtADEAMgAwADEAMwA4ADcAMgA3ADUAMgA5ADIAMQAzAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1782 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=82f93fb8-6635-42b7-9a6a-4e829dbcc95c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwAzADIANQAuADQAMgAtADEAMgAwADEAMwA4ADcAMgA3ADUAMgA5ADIAMQAzAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1781 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=82f93fb8-6635-42b7-9a6a-4e829dbcc95c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwAzADIANQAuADQAMgAtADEAMgAwADEAMwA4ADcAMgA3ADUAMgA5ADIAMQAzAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1780 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=82f93fb8-6635-42b7-9a6a-4e829dbcc95c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwAzADIANQAuADQAMgAtADEAMgAwADEAMwA4ADcAMgA3ADUAMgA5ADIAMQAzAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1779 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=82f93fb8-6635-42b7-9a6a-4e829dbcc95c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANwAzADIANQAuADQAMgAtADEAMgAwADEAMwA4ADcAMgA3ADUAMgA5ADIAMQAzAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1778 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=685b6042-3bfa-459e-9e3e-c887fe6b332d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAE0AQQBNAGcAQQAxAEEAQwA0AEEATgBBAEEAeQBBAEMAMABBAE0AUQBBAHkAQQBEAEEAQQBNAFEAQQB6AEEARABnAEEATgB3AEEAeQBBAEQAYwBBAE4AUQBBAHkAQQBEAGsAQQBNAGcAQQB4AEEARABNAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=3c9b3f14-bad7-47ea-bc1e-2e7d517c50d4
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1777 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=833f621a-fc0e-4b51-85eb-9cedbf73f09b
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADMAMgA1AC4ANAAyAC0AMQAyADAAMQAzADgANwAyADcANQAyADkAMgAxADMAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=35d07d5f-e8b6-452f-b978-e7a7c8966344
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1776 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=833f621a-fc0e-4b51-85eb-9cedbf73f09b
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADMAMgA1AC4ANAAyAC0AMQAyADAAMQAzADgANwAyADcANQAyADkAMgAxADMAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=35d07d5f-e8b6-452f-b978-e7a7c8966344
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1775 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=833f621a-fc0e-4b51-85eb-9cedbf73f09b
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADMAMgA1AC4ANAAyAC0AMQAyADAAMQAzADgANwAyADcANQAyADkAMgAxADMAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1774 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=833f621a-fc0e-4b51-85eb-9cedbf73f09b
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADMAMgA1AC4ANAAyAC0AMQAyADAAMQAzADgANwAyADcANQAyADkAMgAxADMAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1773 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=833f621a-fc0e-4b51-85eb-9cedbf73f09b
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADMAMgA1AC4ANAAyAC0AMQAyADAAMQAzADgANwAyADcANQAyADkAMgAxADMAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1772 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=833f621a-fc0e-4b51-85eb-9cedbf73f09b
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADMAMgA1AC4ANAAyAC0AMQAyADAAMQAzADgANwAyADcANQAyADkAMgAxADMAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1771 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=833f621a-fc0e-4b51-85eb-9cedbf73f09b
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADMAMgA1AC4ANAAyAC0AMQAyADAAMQAzADgANwAyADcANQAyADkAMgAxADMAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1770 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=833f621a-fc0e-4b51-85eb-9cedbf73f09b
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA3ADMAMgA1AC4ANAAyAC0AMQAyADAAMQAzADgANwAyADcANQAyADkAMgAxADMAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1769 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=685b6042-3bfa-459e-9e3e-c887fe6b332d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAE0AQQBNAGcAQQAxAEEAQwA0AEEATgBBAEEAeQBBAEMAMABBAE0AUQBBAHkAQQBEAEEAQQBNAFEAQQB6AEEARABnAEEATgB3AEEAeQBBAEQAYwBBAE4AUQBBAHkAQQBEAGsAQQBNAGcAQQB4AEEARABNAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=3c9b3f14-bad7-47ea-bc1e-2e7d517c50d4
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1768 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=685b6042-3bfa-459e-9e3e-c887fe6b332d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAE0AQQBNAGcAQQAxAEEAQwA0AEEATgBBAEEAeQBBAEMAMABBAE0AUQBBAHkAQQBEAEEAQQBNAFEAQQB6AEEARABnAEEATgB3AEEAeQBBAEQAYwBBAE4AUQBBAHkAQQBEAGsAQQBNAGcAQQB4AEEARABNAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1767 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=685b6042-3bfa-459e-9e3e-c887fe6b332d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAE0AQQBNAGcAQQAxAEEAQwA0AEEATgBBAEEAeQBBAEMAMABBAE0AUQBBAHkAQQBEAEEAQQBNAFEAQQB6AEEARABnAEEATgB3AEEAeQBBAEQAYwBBAE4AUQBBAHkAQQBEAGsAQQBNAGcAQQB4AEEARABNAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1766 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=685b6042-3bfa-459e-9e3e-c887fe6b332d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAE0AQQBNAGcAQQAxAEEAQwA0AEEATgBBAEEAeQBBAEMAMABBAE0AUQBBAHkAQQBEAEEAQQBNAFEAQQB6AEEARABnAEEATgB3AEEAeQBBAEQAYwBBAE4AUQBBAHkAQQBEAGsAQQBNAGcAQQB4AEEARABNAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1765 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=685b6042-3bfa-459e-9e3e-c887fe6b332d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAE0AQQBNAGcAQQAxAEEAQwA0AEEATgBBAEEAeQBBAEMAMABBAE0AUQBBAHkAQQBEAEEAQQBNAFEAQQB6AEEARABnAEEATgB3AEEAeQBBAEQAYwBBAE4AUQBBAHkAQQBEAGsAQQBNAGcAQQB4AEEARABNAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1764 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=685b6042-3bfa-459e-9e3e-c887fe6b332d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAE0AQQBNAGcAQQAxAEEAQwA0AEEATgBBAEEAeQBBAEMAMABBAE0AUQBBAHkAQQBEAEEAQQBNAFEAQQB6AEEARABnAEEATgB3AEEAeQBBAEQAYwBBAE4AUQBBAHkAQQBEAGsAQQBNAGcAQQB4AEEARABNAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1763 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=685b6042-3bfa-459e-9e3e-c887fe6b332d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADMAQQBEAE0AQQBNAGcAQQAxAEEAQwA0AEEATgBBAEEAeQBBAEMAMABBAE0AUQBBAHkAQQBEAEEAQQBNAFEAQQB6AEEARABnAEEATgB3AEEAeQBBAEQAYwBBAE4AUQBBAHkAQQBEAGsAQQBNAGcAQQB4AEEARABNAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1762 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=48509d65-946c-4149-a03b-77f30800dec8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=4ef6768d-4873-44d2-bfd8-852d761298bf
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1761 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5b8df696-55cf-4411-9a5c-a8dfbd0d9207
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=54c515c5-bc8a-40d3-b119-ccb647096722
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1760 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5b8df696-55cf-4411-9a5c-a8dfbd0d9207
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1759 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5b8df696-55cf-4411-9a5c-a8dfbd0d9207
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1758 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5b8df696-55cf-4411-9a5c-a8dfbd0d9207
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1757 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5b8df696-55cf-4411-9a5c-a8dfbd0d9207
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1756 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5b8df696-55cf-4411-9a5c-a8dfbd0d9207
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1755 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5b8df696-55cf-4411-9a5c-a8dfbd0d9207
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1754 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5b8df696-55cf-4411-9a5c-a8dfbd0d9207
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1753 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5b8df696-55cf-4411-9a5c-a8dfbd0d9207
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1752 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=48509d65-946c-4149-a03b-77f30800dec8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=4ef6768d-4873-44d2-bfd8-852d761298bf
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1751 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=48509d65-946c-4149-a03b-77f30800dec8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1750 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=48509d65-946c-4149-a03b-77f30800dec8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1749 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=48509d65-946c-4149-a03b-77f30800dec8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1748 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=48509d65-946c-4149-a03b-77f30800dec8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1747 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=48509d65-946c-4149-a03b-77f30800dec8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1746 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=48509d65-946c-4149-a03b-77f30800dec8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1745 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=059aa0ef-f913-4ae9-b514-ad1d2d819367
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=5a5e4405-9ba9-4ce9-bf75-38f4b4d5c066
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1744 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=966eaff8-d448-473a-b641-3f0cdda94248
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABwAHkAdABoAG8AbgAyADcAXABzAGMAcgBpAHAAdABzAFwAegB1AHUAbAAtAGMAbABvAG4AZQByACAALQAtAHcAbwByAGsAcwBwAGEAYwBlACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAIAAtAG0AIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAFwAYwBsAG8AbgBlAG0AYQBwAC4AeQBhAG0AbAAgAC0ALQB6AHUAdQBsAC0AcAByAG8AagBlAGMAdAAgAG8AcABlAG4AcwB0AGEAYwBrAC8AYwBpAG4AZABlAHIAIAAtAC0AegB1AHUAbAAtAHIAZQBmACAAcgBlAGYAcwAvAHoAdQB1AGwALwBtAGEAcwB0AGUAcgAvAFoAOAA1ADQAZgA3ADgAOAAyADAAZQA5ADcANAA1ADIAZABiADUAOQAxADgAMQBhADcAMwA5AGUAYgAzAGUAYgBlACAALQAtAHoAdQB1AGwALQB1AHIAbAAgAGgAdAB0AHAAOgAvAC8AMQAwAC4AMQAwADYALgAxAC4AMwA5AC8AcAAgAC0ALQB6AHUAdQBsAC0AYgByAGEAbgBjAGgAIABtAGEAcwB0AGUAcgAgAGgAdAB0AHAAcwA6AC8ALwBvAHAAZQBuAGQAZQB2AC4AbwByAGcAIABvAHAAZQBuAHMAdABhAGMAawAvAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzACAAbwBwAGUAbgBzAHQAYQBjAGsALwBjAGkAbgBkAGUAcgAgAG8AcABlAG4AcwB0AGEAYwBrAC8AbgBvAHYAYQAgAG8AcABlAG4AcwB0AGEAYwBrAC8AYwBvAG0AcAB1AHQAZQAtAGgAeQBwAGUAcgB2ACAAbwBwAGUAbgBzAHQAYQBjAGsALwBuAGUAdAB3AG8AcgBrAGkAbgBnAC0AaAB5AHAAZQByAHYAIABvAHAAZQBuAHMAdABhAGMAawAvAG4AZQB1AHQAcgBvAG4AIABvAHAAZQBuAHMAdABhAGMAawAvAG8AcwAtAHcAaQBuAA==
EngineVersion=5.1.14393.1944
RunspaceId=9f166cf5-a341-442f-b34d-8a67c9fcad83
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1743 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:55:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=966eaff8-d448-473a-b641-3f0cdda94248
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABwAHkAdABoAG8AbgAyADcAXABzAGMAcgBpAHAAdABzAFwAegB1AHUAbAAtAGMAbABvAG4AZQByACAALQAtAHcAbwByAGsAcwBwAGEAYwBlACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAIAAtAG0AIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAFwAYwBsAG8AbgBlAG0AYQBwAC4AeQBhAG0AbAAgAC0ALQB6AHUAdQBsAC0AcAByAG8AagBlAGMAdAAgAG8AcABlAG4AcwB0AGEAYwBrAC8AYwBpAG4AZABlAHIAIAAtAC0AegB1AHUAbAAtAHIAZQBmACAAcgBlAGYAcwAvAHoAdQB1AGwALwBtAGEAcwB0AGUAcgAvAFoAOAA1ADQAZgA3ADgAOAAyADAAZQA5ADcANAA1ADIAZABiADUAOQAxADgAMQBhADcAMwA5AGUAYgAzAGUAYgBlACAALQAtAHoAdQB1AGwALQB1AHIAbAAgAGgAdAB0AHAAOgAvAC8AMQAwAC4AMQAwADYALgAxAC4AMwA5AC8AcAAgAC0ALQB6AHUAdQBsAC0AYgByAGEAbgBjAGgAIABtAGEAcwB0AGUAcgAgAGgAdAB0AHAAcwA6AC8ALwBvAHAAZQBuAGQAZQB2AC4AbwByAGcAIABvAHAAZQBuAHMAdABhAGMAawAvAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzACAAbwBwAGUAbgBzAHQAYQBjAGsALwBjAGkAbgBkAGUAcgAgAG8AcABlAG4AcwB0AGEAYwBrAC8AbgBvAHYAYQAgAG8AcABlAG4AcwB0AGEAYwBrAC8AYwBvAG0AcAB1AHQAZQAtAGgAeQBwAGUAcgB2ACAAbwBwAGUAbgBzAHQAYQBjAGsALwBuAGUAdAB3AG8AcgBrAGkAbgBnAC0AaAB5AHAAZQByAHYAIABvAHAAZQBuAHMAdABhAGMAawAvAG4AZQB1AHQAcgBvAG4AIABvAHAAZQBuAHMAdABhAGMAawAvAG8AcwAtAHcAaQBuAA==
EngineVersion=5.1.14393.1944
RunspaceId=9f166cf5-a341-442f-b34d-8a67c9fcad83
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1742 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=966eaff8-d448-473a-b641-3f0cdda94248
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABwAHkAdABoAG8AbgAyADcAXABzAGMAcgBpAHAAdABzAFwAegB1AHUAbAAtAGMAbABvAG4AZQByACAALQAtAHcAbwByAGsAcwBwAGEAYwBlACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAIAAtAG0AIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAFwAYwBsAG8AbgBlAG0AYQBwAC4AeQBhAG0AbAAgAC0ALQB6AHUAdQBsAC0AcAByAG8AagBlAGMAdAAgAG8AcABlAG4AcwB0AGEAYwBrAC8AYwBpAG4AZABlAHIAIAAtAC0AegB1AHUAbAAtAHIAZQBmACAAcgBlAGYAcwAvAHoAdQB1AGwALwBtAGEAcwB0AGUAcgAvAFoAOAA1ADQAZgA3ADgAOAAyADAAZQA5ADcANAA1ADIAZABiADUAOQAxADgAMQBhADcAMwA5AGUAYgAzAGUAYgBlACAALQAtAHoAdQB1AGwALQB1AHIAbAAgAGgAdAB0AHAAOgAvAC8AMQAwAC4AMQAwADYALgAxAC4AMwA5AC8AcAAgAC0ALQB6AHUAdQBsAC0AYgByAGEAbgBjAGgAIABtAGEAcwB0AGUAcgAgAGgAdAB0AHAAcwA6AC8ALwBvAHAAZQBuAGQAZQB2AC4AbwByAGcAIABvAHAAZQBuAHMAdABhAGMAawAvAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzACAAbwBwAGUAbgBzAHQAYQBjAGsALwBjAGkAbgBkAGUAcgAgAG8AcABlAG4AcwB0AGEAYwBrAC8AbgBvAHYAYQAgAG8AcABlAG4AcwB0AGEAYwBrAC8AYwBvAG0AcAB1AHQAZQAtAGgAeQBwAGUAcgB2ACAAbwBwAGUAbgBzAHQAYQBjAGsALwBuAGUAdAB3AG8AcgBrAGkAbgBnAC0AaAB5AHAAZQByAHYAIABvAHAAZQBuAHMAdABhAGMAawAvAG4AZQB1AHQAcgBvAG4AIABvAHAAZQBuAHMAdABhAGMAawAvAG8AcwAtAHcAaQBuAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1741 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=966eaff8-d448-473a-b641-3f0cdda94248
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABwAHkAdABoAG8AbgAyADcAXABzAGMAcgBpAHAAdABzAFwAegB1AHUAbAAtAGMAbABvAG4AZQByACAALQAtAHcAbwByAGsAcwBwAGEAYwBlACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAIAAtAG0AIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAFwAYwBsAG8AbgBlAG0AYQBwAC4AeQBhAG0AbAAgAC0ALQB6AHUAdQBsAC0AcAByAG8AagBlAGMAdAAgAG8AcABlAG4AcwB0AGEAYwBrAC8AYwBpAG4AZABlAHIAIAAtAC0AegB1AHUAbAAtAHIAZQBmACAAcgBlAGYAcwAvAHoAdQB1AGwALwBtAGEAcwB0AGUAcgAvAFoAOAA1ADQAZgA3ADgAOAAyADAAZQA5ADcANAA1ADIAZABiADUAOQAxADgAMQBhADcAMwA5AGUAYgAzAGUAYgBlACAALQAtAHoAdQB1AGwALQB1AHIAbAAgAGgAdAB0AHAAOgAvAC8AMQAwAC4AMQAwADYALgAxAC4AMwA5AC8AcAAgAC0ALQB6AHUAdQBsAC0AYgByAGEAbgBjAGgAIABtAGEAcwB0AGUAcgAgAGgAdAB0AHAAcwA6AC8ALwBvAHAAZQBuAGQAZQB2AC4AbwByAGcAIABvAHAAZQBuAHMAdABhAGMAawAvAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzACAAbwBwAGUAbgBzAHQAYQBjAGsALwBjAGkAbgBkAGUAcgAgAG8AcABlAG4AcwB0AGEAYwBrAC8AbgBvAHYAYQAgAG8AcABlAG4AcwB0AGEAYwBrAC8AYwBvAG0AcAB1AHQAZQAtAGgAeQBwAGUAcgB2ACAAbwBwAGUAbgBzAHQAYQBjAGsALwBuAGUAdAB3AG8AcgBrAGkAbgBnAC0AaAB5AHAAZQByAHYAIABvAHAAZQBuAHMAdABhAGMAawAvAG4AZQB1AHQAcgBvAG4AIABvAHAAZQBuAHMAdABhAGMAawAvAG8AcwAtAHcAaQBuAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1740 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=966eaff8-d448-473a-b641-3f0cdda94248
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABwAHkAdABoAG8AbgAyADcAXABzAGMAcgBpAHAAdABzAFwAegB1AHUAbAAtAGMAbABvAG4AZQByACAALQAtAHcAbwByAGsAcwBwAGEAYwBlACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAIAAtAG0AIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAFwAYwBsAG8AbgBlAG0AYQBwAC4AeQBhAG0AbAAgAC0ALQB6AHUAdQBsAC0AcAByAG8AagBlAGMAdAAgAG8AcABlAG4AcwB0AGEAYwBrAC8AYwBpAG4AZABlAHIAIAAtAC0AegB1AHUAbAAtAHIAZQBmACAAcgBlAGYAcwAvAHoAdQB1AGwALwBtAGEAcwB0AGUAcgAvAFoAOAA1ADQAZgA3ADgAOAAyADAAZQA5ADcANAA1ADIAZABiADUAOQAxADgAMQBhADcAMwA5AGUAYgAzAGUAYgBlACAALQAtAHoAdQB1AGwALQB1AHIAbAAgAGgAdAB0AHAAOgAvAC8AMQAwAC4AMQAwADYALgAxAC4AMwA5AC8AcAAgAC0ALQB6AHUAdQBsAC0AYgByAGEAbgBjAGgAIABtAGEAcwB0AGUAcgAgAGgAdAB0AHAAcwA6AC8ALwBvAHAAZQBuAGQAZQB2AC4AbwByAGcAIABvAHAAZQBuAHMAdABhAGMAawAvAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzACAAbwBwAGUAbgBzAHQAYQBjAGsALwBjAGkAbgBkAGUAcgAgAG8AcABlAG4AcwB0AGEAYwBrAC8AbgBvAHYAYQAgAG8AcABlAG4AcwB0AGEAYwBrAC8AYwBvAG0AcAB1AHQAZQAtAGgAeQBwAGUAcgB2ACAAbwBwAGUAbgBzAHQAYQBjAGsALwBuAGUAdAB3AG8AcgBrAGkAbgBnAC0AaAB5AHAAZQByAHYAIABvAHAAZQBuAHMAdABhAGMAawAvAG4AZQB1AHQAcgBvAG4AIABvAHAAZQBuAHMAdABhAGMAawAvAG8AcwAtAHcAaQBuAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1739 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=966eaff8-d448-473a-b641-3f0cdda94248
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABwAHkAdABoAG8AbgAyADcAXABzAGMAcgBpAHAAdABzAFwAegB1AHUAbAAtAGMAbABvAG4AZQByACAALQAtAHcAbwByAGsAcwBwAGEAYwBlACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAIAAtAG0AIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAFwAYwBsAG8AbgBlAG0AYQBwAC4AeQBhAG0AbAAgAC0ALQB6AHUAdQBsAC0AcAByAG8AagBlAGMAdAAgAG8AcABlAG4AcwB0AGEAYwBrAC8AYwBpAG4AZABlAHIAIAAtAC0AegB1AHUAbAAtAHIAZQBmACAAcgBlAGYAcwAvAHoAdQB1AGwALwBtAGEAcwB0AGUAcgAvAFoAOAA1ADQAZgA3ADgAOAAyADAAZQA5ADcANAA1ADIAZABiADUAOQAxADgAMQBhADcAMwA5AGUAYgAzAGUAYgBlACAALQAtAHoAdQB1AGwALQB1AHIAbAAgAGgAdAB0AHAAOgAvAC8AMQAwAC4AMQAwADYALgAxAC4AMwA5AC8AcAAgAC0ALQB6AHUAdQBsAC0AYgByAGEAbgBjAGgAIABtAGEAcwB0AGUAcgAgAGgAdAB0AHAAcwA6AC8ALwBvAHAAZQBuAGQAZQB2AC4AbwByAGcAIABvAHAAZQBuAHMAdABhAGMAawAvAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzACAAbwBwAGUAbgBzAHQAYQBjAGsALwBjAGkAbgBkAGUAcgAgAG8AcABlAG4AcwB0AGEAYwBrAC8AbgBvAHYAYQAgAG8AcABlAG4AcwB0AGEAYwBrAC8AYwBvAG0AcAB1AHQAZQAtAGgAeQBwAGUAcgB2ACAAbwBwAGUAbgBzAHQAYQBjAGsALwBuAGUAdAB3AG8AcgBrAGkAbgBnAC0AaAB5AHAAZQByAHYAIABvAHAAZQBuAHMAdABhAGMAawAvAG4AZQB1AHQAcgBvAG4AIABvAHAAZQBuAHMAdABhAGMAawAvAG8AcwAtAHcAaQBuAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1738 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=966eaff8-d448-473a-b641-3f0cdda94248
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABwAHkAdABoAG8AbgAyADcAXABzAGMAcgBpAHAAdABzAFwAegB1AHUAbAAtAGMAbABvAG4AZQByACAALQAtAHcAbwByAGsAcwBwAGEAYwBlACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAIAAtAG0AIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAFwAYwBsAG8AbgBlAG0AYQBwAC4AeQBhAG0AbAAgAC0ALQB6AHUAdQBsAC0AcAByAG8AagBlAGMAdAAgAG8AcABlAG4AcwB0AGEAYwBrAC8AYwBpAG4AZABlAHIAIAAtAC0AegB1AHUAbAAtAHIAZQBmACAAcgBlAGYAcwAvAHoAdQB1AGwALwBtAGEAcwB0AGUAcgAvAFoAOAA1ADQAZgA3ADgAOAAyADAAZQA5ADcANAA1ADIAZABiADUAOQAxADgAMQBhADcAMwA5AGUAYgAzAGUAYgBlACAALQAtAHoAdQB1AGwALQB1AHIAbAAgAGgAdAB0AHAAOgAvAC8AMQAwAC4AMQAwADYALgAxAC4AMwA5AC8AcAAgAC0ALQB6AHUAdQBsAC0AYgByAGEAbgBjAGgAIABtAGEAcwB0AGUAcgAgAGgAdAB0AHAAcwA6AC8ALwBvAHAAZQBuAGQAZQB2AC4AbwByAGcAIABvAHAAZQBuAHMAdABhAGMAawAvAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzACAAbwBwAGUAbgBzAHQAYQBjAGsALwBjAGkAbgBkAGUAcgAgAG8AcABlAG4AcwB0AGEAYwBrAC8AbgBvAHYAYQAgAG8AcABlAG4AcwB0AGEAYwBrAC8AYwBvAG0AcAB1AHQAZQAtAGgAeQBwAGUAcgB2ACAAbwBwAGUAbgBzAHQAYQBjAGsALwBuAGUAdAB3AG8AcgBrAGkAbgBnAC0AaAB5AHAAZQByAHYAIABvAHAAZQBuAHMAdABhAGMAawAvAG4AZQB1AHQAcgBvAG4AIABvAHAAZQBuAHMAdABhAGMAawAvAG8AcwAtAHcAaQBuAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1737 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=966eaff8-d448-473a-b641-3f0cdda94248
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABwAHkAdABoAG8AbgAyADcAXABzAGMAcgBpAHAAdABzAFwAegB1AHUAbAAtAGMAbABvAG4AZQByACAALQAtAHcAbwByAGsAcwBwAGEAYwBlACAAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXABiAHUAaQBsAGQAIAAtAG0AIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAGIAdQBpAGwAZABcAFwAYwBsAG8AbgBlAG0AYQBwAC4AeQBhAG0AbAAgAC0ALQB6AHUAdQBsAC0AcAByAG8AagBlAGMAdAAgAG8AcABlAG4AcwB0AGEAYwBrAC8AYwBpAG4AZABlAHIAIAAtAC0AegB1AHUAbAAtAHIAZQBmACAAcgBlAGYAcwAvAHoAdQB1AGwALwBtAGEAcwB0AGUAcgAvAFoAOAA1ADQAZgA3ADgAOAAyADAAZQA5ADcANAA1ADIAZABiADUAOQAxADgAMQBhADcAMwA5AGUAYgAzAGUAYgBlACAALQAtAHoAdQB1AGwALQB1AHIAbAAgAGgAdAB0AHAAOgAvAC8AMQAwAC4AMQAwADYALgAxAC4AMwA5AC8AcAAgAC0ALQB6AHUAdQBsAC0AYgByAGEAbgBjAGgAIABtAGEAcwB0AGUAcgAgAGgAdAB0AHAAcwA6AC8ALwBvAHAAZQBuAGQAZQB2AC4AbwByAGcAIABvAHAAZQBuAHMAdABhAGMAawAvAHIAZQBxAHUAaQByAGUAbQBlAG4AdABzACAAbwBwAGUAbgBzAHQAYQBjAGsALwBjAGkAbgBkAGUAcgAgAG8AcABlAG4AcwB0AGEAYwBrAC8AbgBvAHYAYQAgAG8AcABlAG4AcwB0AGEAYwBrAC8AYwBvAG0AcAB1AHQAZQAtAGgAeQBwAGUAcgB2ACAAbwBwAGUAbgBzAHQAYQBjAGsALwBuAGUAdAB3AG8AcgBrAGkAbgBnAC0AaAB5AHAAZQByAHYAIABvAHAAZQBuAHMAdABhAGMAawAvAG4AZQB1AHQAcgBvAG4AIABvAHAAZQBuAHMAdABhAGMAawAvAG8AcwAtAHcAaQBuAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1736 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:25 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=615c65c2-ab78-4a83-8b01-0ba3bc0b9bc7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=9326c23a-23ac-4d96-986a-cbcada4e851e
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1735 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=615c65c2-ab78-4a83-8b01-0ba3bc0b9bc7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=9326c23a-23ac-4d96-986a-cbcada4e851e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1734 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=615c65c2-ab78-4a83-8b01-0ba3bc0b9bc7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1733 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=615c65c2-ab78-4a83-8b01-0ba3bc0b9bc7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1732 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=615c65c2-ab78-4a83-8b01-0ba3bc0b9bc7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1731 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=615c65c2-ab78-4a83-8b01-0ba3bc0b9bc7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1730 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=615c65c2-ab78-4a83-8b01-0ba3bc0b9bc7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1729 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=615c65c2-ab78-4a83-8b01-0ba3bc0b9bc7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1728 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=615c65c2-ab78-4a83-8b01-0ba3bc0b9bc7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1727 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=615c65c2-ab78-4a83-8b01-0ba3bc0b9bc7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1726 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=059aa0ef-f913-4ae9-b514-ad1d2d819367
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=5a5e4405-9ba9-4ce9-bf75-38f4b4d5c066
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1725 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=059aa0ef-f913-4ae9-b514-ad1d2d819367
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1724 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=059aa0ef-f913-4ae9-b514-ad1d2d819367
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1723 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=059aa0ef-f913-4ae9-b514-ad1d2d819367
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1722 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=059aa0ef-f913-4ae9-b514-ad1d2d819367
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1721 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=059aa0ef-f913-4ae9-b514-ad1d2d819367
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1720 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=059aa0ef-f913-4ae9-b514-ad1d2d819367
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1719 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5e3d4b20-8d2b-4644-8b59-d1029f0d07c8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAyAEEARABVAEEATwBRAEEAdQBBAEQATQBBAE0AZwBBAHQAQQBEAEkAQQBOAEEAQQB4AEEARABrAEEATgBnAEEANABBAEQAVQBBAE8AUQBBADEAQQBEAGMAQQBPAFEAQQAwAEEARABRAEEATQBnAEEAdwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=ab4bb26d-c3ce-4554-af29-a5ce34707cf9
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1718 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=02dec735-0834-407e-bea2-c258aa4601e7
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA2ADUAOQAuADMAMgAtADIANAAxADkANgA4ADUAOQA1ADcAOQA0ADQAMgAwACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=bd55c417-f90a-4c96-bd3a-0ef5c727601f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1717 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=02dec735-0834-407e-bea2-c258aa4601e7
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA2ADUAOQAuADMAMgAtADIANAAxADkANgA4ADUAOQA1ADcAOQA0ADQAMgAwACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=bd55c417-f90a-4c96-bd3a-0ef5c727601f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1716 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=02dec735-0834-407e-bea2-c258aa4601e7
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA2ADUAOQAuADMAMgAtADIANAAxADkANgA4ADUAOQA1ADcAOQA0ADQAMgAwACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1715 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=02dec735-0834-407e-bea2-c258aa4601e7
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA2ADUAOQAuADMAMgAtADIANAAxADkANgA4ADUAOQA1ADcAOQA0ADQAMgAwACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1714 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=02dec735-0834-407e-bea2-c258aa4601e7
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA2ADUAOQAuADMAMgAtADIANAAxADkANgA4ADUAOQA1ADcAOQA0ADQAMgAwACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1713 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=02dec735-0834-407e-bea2-c258aa4601e7
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA2ADUAOQAuADMAMgAtADIANAAxADkANgA4ADUAOQA1ADcAOQA0ADQAMgAwACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1712 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=02dec735-0834-407e-bea2-c258aa4601e7
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA2ADUAOQAuADMAMgAtADIANAAxADkANgA4ADUAOQA1ADcAOQA0ADQAMgAwACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1711 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=02dec735-0834-407e-bea2-c258aa4601e7
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA2ADUAOQAuADMAMgAtADIANAAxADkANgA4ADUAOQA1ADcAOQA0ADQAMgAwACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1710 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5e3d4b20-8d2b-4644-8b59-d1029f0d07c8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAyAEEARABVAEEATwBRAEEAdQBBAEQATQBBAE0AZwBBAHQAQQBEAEkAQQBOAEEAQQB4AEEARABrAEEATgBnAEEANABBAEQAVQBBAE8AUQBBADEAQQBEAGMAQQBPAFEAQQAwAEEARABRAEEATQBnAEEAdwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=ab4bb26d-c3ce-4554-af29-a5ce34707cf9
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1709 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5e3d4b20-8d2b-4644-8b59-d1029f0d07c8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAyAEEARABVAEEATwBRAEEAdQBBAEQATQBBAE0AZwBBAHQAQQBEAEkAQQBOAEEAQQB4AEEARABrAEEATgBnAEEANABBAEQAVQBBAE8AUQBBADEAQQBEAGMAQQBPAFEAQQAwAEEARABRAEEATQBnAEEAdwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1708 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5e3d4b20-8d2b-4644-8b59-d1029f0d07c8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAyAEEARABVAEEATwBRAEEAdQBBAEQATQBBAE0AZwBBAHQAQQBEAEkAQQBOAEEAQQB4AEEARABrAEEATgBnAEEANABBAEQAVQBBAE8AUQBBADEAQQBEAGMAQQBPAFEAQQAwAEEARABRAEEATQBnAEEAdwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1707 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5e3d4b20-8d2b-4644-8b59-d1029f0d07c8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAyAEEARABVAEEATwBRAEEAdQBBAEQATQBBAE0AZwBBAHQAQQBEAEkAQQBOAEEAQQB4AEEARABrAEEATgBnAEEANABBAEQAVQBBAE8AUQBBADEAQQBEAGMAQQBPAFEAQQAwAEEARABRAEEATQBnAEEAdwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1706 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5e3d4b20-8d2b-4644-8b59-d1029f0d07c8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAyAEEARABVAEEATwBRAEEAdQBBAEQATQBBAE0AZwBBAHQAQQBEAEkAQQBOAEEAQQB4AEEARABrAEEATgBnAEEANABBAEQAVQBBAE8AUQBBADEAQQBEAGMAQQBPAFEAQQAwAEEARABRAEEATQBnAEEAdwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1705 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5e3d4b20-8d2b-4644-8b59-d1029f0d07c8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAyAEEARABVAEEATwBRAEEAdQBBAEQATQBBAE0AZwBBAHQAQQBEAEkAQQBOAEEAQQB4AEEARABrAEEATgBnAEEANABBAEQAVQBBAE8AUQBBADEAQQBEAGMAQQBPAFEAQQAwAEEARABRAEEATQBnAEEAdwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1704 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5e3d4b20-8d2b-4644-8b59-d1029f0d07c8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAyAEEARABVAEEATwBRAEEAdQBBAEQATQBBAE0AZwBBAHQAQQBEAEkAQQBOAEEAQQB4AEEARABrAEEATgBnAEEANABBAEQAVQBBAE8AUQBBADEAQQBEAGMAQQBPAFEAQQAwAEEARABRAEEATQBnAEEAdwBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1703 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e2883304-b29d-45d1-aa8b-6afeaae444c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=16012727-2fb8-4071-92b9-7d9d4e3e1e61
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1702 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e2ac029d-f4be-45df-a4b0-097941ad21ec
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=77f87b02-53ed-4107-a218-5eef177b9fba
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1701 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e2ac029d-f4be-45df-a4b0-097941ad21ec
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1700 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e2ac029d-f4be-45df-a4b0-097941ad21ec
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1699 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e2ac029d-f4be-45df-a4b0-097941ad21ec
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1698 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e2ac029d-f4be-45df-a4b0-097941ad21ec
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1697 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e2ac029d-f4be-45df-a4b0-097941ad21ec
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1696 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e2ac029d-f4be-45df-a4b0-097941ad21ec
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1695 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e2ac029d-f4be-45df-a4b0-097941ad21ec
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1694 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e2ac029d-f4be-45df-a4b0-097941ad21ec
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1693 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e2883304-b29d-45d1-aa8b-6afeaae444c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=16012727-2fb8-4071-92b9-7d9d4e3e1e61
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1692 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e2883304-b29d-45d1-aa8b-6afeaae444c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1691 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e2883304-b29d-45d1-aa8b-6afeaae444c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1690 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e2883304-b29d-45d1-aa8b-6afeaae444c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1689 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e2883304-b29d-45d1-aa8b-6afeaae444c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1688 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e2883304-b29d-45d1-aa8b-6afeaae444c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1687 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e2883304-b29d-45d1-aa8b-6afeaae444c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1686 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ca943aab-a3c4-4811-8af0-af89a44ed83c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA2ADUAOQAuADMAMgAtADIANAAxADkANgA4ADUAOQA1ADcAOQA0ADQAMgAwAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=6b29fc49-e3eb-4b34-bce4-2f2302b46f7e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1685 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ca943aab-a3c4-4811-8af0-af89a44ed83c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA2ADUAOQAuADMAMgAtADIANAAxADkANgA4ADUAOQA1ADcAOQA0ADQAMgAwAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=6b29fc49-e3eb-4b34-bce4-2f2302b46f7e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1684 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ca943aab-a3c4-4811-8af0-af89a44ed83c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA2ADUAOQAuADMAMgAtADIANAAxADkANgA4ADUAOQA1ADcAOQA0ADQAMgAwAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1683 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ca943aab-a3c4-4811-8af0-af89a44ed83c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA2ADUAOQAuADMAMgAtADIANAAxADkANgA4ADUAOQA1ADcAOQA0ADQAMgAwAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1682 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ca943aab-a3c4-4811-8af0-af89a44ed83c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA2ADUAOQAuADMAMgAtADIANAAxADkANgA4ADUAOQA1ADcAOQA0ADQAMgAwAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1681 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ca943aab-a3c4-4811-8af0-af89a44ed83c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA2ADUAOQAuADMAMgAtADIANAAxADkANgA4ADUAOQA1ADcAOQA0ADQAMgAwAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1680 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ca943aab-a3c4-4811-8af0-af89a44ed83c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA2ADUAOQAuADMAMgAtADIANAAxADkANgA4ADUAOQA1ADcAOQA0ADQAMgAwAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1679 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ca943aab-a3c4-4811-8af0-af89a44ed83c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA2ADUAOQAuADMAMgAtADIANAAxADkANgA4ADUAOQA1ADcAOQA0ADQAMgAwAFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1678 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8dd91fab-2c43-4d4d-85c6-4a078e499a32
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFkAQQBOAFEAQQA1AEEAQwA0AEEATQB3AEEAeQBBAEMAMABBAE0AZwBBADAAQQBEAEUAQQBPAFEAQQAyAEEARABnAEEATgBRAEEANQBBAEQAVQBBAE4AdwBBADUAQQBEAFEAQQBOAEEAQQB5AEEARABBAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=3fd85a1b-c0a8-4b34-a828-60f29696d3aa
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1677 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=05fa1be3-8cf1-490e-84fb-30d1e71afa8d
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADYANQA5AC4AMwAyAC0AMgA0ADEAOQA2ADgANQA5ADUANwA5ADQANAAyADAAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=451d6434-dd04-4c6c-9dd3-f831ba14b01a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1676 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=05fa1be3-8cf1-490e-84fb-30d1e71afa8d
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADYANQA5AC4AMwAyAC0AMgA0ADEAOQA2ADgANQA5ADUANwA5ADQANAAyADAAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=451d6434-dd04-4c6c-9dd3-f831ba14b01a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1675 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=05fa1be3-8cf1-490e-84fb-30d1e71afa8d
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADYANQA5AC4AMwAyAC0AMgA0ADEAOQA2ADgANQA5ADUANwA5ADQANAAyADAAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1674 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=05fa1be3-8cf1-490e-84fb-30d1e71afa8d
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADYANQA5AC4AMwAyAC0AMgA0ADEAOQA2ADgANQA5ADUANwA5ADQANAAyADAAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1673 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=05fa1be3-8cf1-490e-84fb-30d1e71afa8d
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADYANQA5AC4AMwAyAC0AMgA0ADEAOQA2ADgANQA5ADUANwA5ADQANAAyADAAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1672 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=05fa1be3-8cf1-490e-84fb-30d1e71afa8d
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADYANQA5AC4AMwAyAC0AMgA0ADEAOQA2ADgANQA5ADUANwA5ADQANAAyADAAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1671 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=05fa1be3-8cf1-490e-84fb-30d1e71afa8d
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADYANQA5AC4AMwAyAC0AMgA0ADEAOQA2ADgANQA5ADUANwA5ADQANAAyADAAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1670 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=05fa1be3-8cf1-490e-84fb-30d1e71afa8d
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADYANQA5AC4AMwAyAC0AMgA0ADEAOQA2ADgANQA5ADUANwA5ADQANAAyADAAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1669 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8dd91fab-2c43-4d4d-85c6-4a078e499a32
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFkAQQBOAFEAQQA1AEEAQwA0AEEATQB3AEEAeQBBAEMAMABBAE0AZwBBADAAQQBEAEUAQQBPAFEAQQAyAEEARABnAEEATgBRAEEANQBBAEQAVQBBAE4AdwBBADUAQQBEAFEAQQBOAEEAQQB5AEEARABBAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=3fd85a1b-c0a8-4b34-a828-60f29696d3aa
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1668 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8dd91fab-2c43-4d4d-85c6-4a078e499a32
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFkAQQBOAFEAQQA1AEEAQwA0AEEATQB3AEEAeQBBAEMAMABBAE0AZwBBADAAQQBEAEUAQQBPAFEAQQAyAEEARABnAEEATgBRAEEANQBBAEQAVQBBAE4AdwBBADUAQQBEAFEAQQBOAEEAQQB5AEEARABBAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1667 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8dd91fab-2c43-4d4d-85c6-4a078e499a32
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFkAQQBOAFEAQQA1AEEAQwA0AEEATQB3AEEAeQBBAEMAMABBAE0AZwBBADAAQQBEAEUAQQBPAFEAQQAyAEEARABnAEEATgBRAEEANQBBAEQAVQBBAE4AdwBBADUAQQBEAFEAQQBOAEEAQQB5AEEARABBAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1666 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8dd91fab-2c43-4d4d-85c6-4a078e499a32
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFkAQQBOAFEAQQA1AEEAQwA0AEEATQB3AEEAeQBBAEMAMABBAE0AZwBBADAAQQBEAEUAQQBPAFEAQQAyAEEARABnAEEATgBRAEEANQBBAEQAVQBBAE4AdwBBADUAQQBEAFEAQQBOAEEAQQB5AEEARABBAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1665 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8dd91fab-2c43-4d4d-85c6-4a078e499a32
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFkAQQBOAFEAQQA1AEEAQwA0AEEATQB3AEEAeQBBAEMAMABBAE0AZwBBADAAQQBEAEUAQQBPAFEAQQAyAEEARABnAEEATgBRAEEANQBBAEQAVQBBAE4AdwBBADUAQQBEAFEAQQBOAEEAQQB5AEEARABBAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1664 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8dd91fab-2c43-4d4d-85c6-4a078e499a32
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFkAQQBOAFEAQQA1AEEAQwA0AEEATQB3AEEAeQBBAEMAMABBAE0AZwBBADAAQQBEAEUAQQBPAFEAQQAyAEEARABnAEEATgBRAEEANQBBAEQAVQBBAE4AdwBBADUAQQBEAFEAQQBOAEEAQQB5AEEARABBAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1663 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8dd91fab-2c43-4d4d-85c6-4a078e499a32
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFkAQQBOAFEAQQA1AEEAQwA0AEEATQB3AEEAeQBBAEMAMABBAE0AZwBBADAAQQBEAEUAQQBPAFEAQQAyAEEARABnAEEATgBRAEEANQBBAEQAVQBBAE4AdwBBADUAQQBEAFEAQQBOAEEAQQB5AEEARABBAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1662 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ab23e8f6-1060-42f4-810b-99c7ee35cd26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=a8c5b509-0ce8-4ecb-8669-531c1fcf9644
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1661 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=580c5cbb-847e-450e-838c-26ef62d57fac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=aa212db7-22bb-4b3e-bc15-907d2a430054
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1660 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=580c5cbb-847e-450e-838c-26ef62d57fac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1659 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=580c5cbb-847e-450e-838c-26ef62d57fac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1658 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=580c5cbb-847e-450e-838c-26ef62d57fac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1657 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=580c5cbb-847e-450e-838c-26ef62d57fac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1656 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=580c5cbb-847e-450e-838c-26ef62d57fac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1655 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=580c5cbb-847e-450e-838c-26ef62d57fac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1654 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=580c5cbb-847e-450e-838c-26ef62d57fac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1653 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=580c5cbb-847e-450e-838c-26ef62d57fac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1652 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ab23e8f6-1060-42f4-810b-99c7ee35cd26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=a8c5b509-0ce8-4ecb-8669-531c1fcf9644
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1651 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ab23e8f6-1060-42f4-810b-99c7ee35cd26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1650 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ab23e8f6-1060-42f4-810b-99c7ee35cd26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1649 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ab23e8f6-1060-42f4-810b-99c7ee35cd26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1648 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ab23e8f6-1060-42f4-810b-99c7ee35cd26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1647 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ab23e8f6-1060-42f4-810b-99c7ee35cd26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1646 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ab23e8f6-1060-42f4-810b-99c7ee35cd26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1645 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2c3ed10a-0d10-40c1-b97d-4ff11deddc99
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f1a7817d-302c-44a8-afee-b6bb96a70c5c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1644 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=99f8a88e-9a4f-48ac-869c-ea657e0c89d8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7d0d9b19-700b-4f9d-89fd-0f7237112af5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1643 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=99f8a88e-9a4f-48ac-869c-ea657e0c89d8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1642 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=99f8a88e-9a4f-48ac-869c-ea657e0c89d8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1641 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=99f8a88e-9a4f-48ac-869c-ea657e0c89d8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1640 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=99f8a88e-9a4f-48ac-869c-ea657e0c89d8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1639 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=99f8a88e-9a4f-48ac-869c-ea657e0c89d8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1638 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=99f8a88e-9a4f-48ac-869c-ea657e0c89d8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1637 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=99f8a88e-9a4f-48ac-869c-ea657e0c89d8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1636 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=99f8a88e-9a4f-48ac-869c-ea657e0c89d8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1635 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2c3ed10a-0d10-40c1-b97d-4ff11deddc99
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f1a7817d-302c-44a8-afee-b6bb96a70c5c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1634 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2c3ed10a-0d10-40c1-b97d-4ff11deddc99
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1633 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2c3ed10a-0d10-40c1-b97d-4ff11deddc99
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1632 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2c3ed10a-0d10-40c1-b97d-4ff11deddc99
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1631 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2c3ed10a-0d10-40c1-b97d-4ff11deddc99
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1630 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2c3ed10a-0d10-40c1-b97d-4ff11deddc99
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1629 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2c3ed10a-0d10-40c1-b97d-4ff11deddc99
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1628 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=577488f0-665e-404f-98d4-c50953bd1edd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=8666972c-9fdc-43e7-9104-f56ab360d163
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1627 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:44:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -AssemblyName System.IO.Compression.FileSystem
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fc1c15f4-ce93-435f-bf1f-6633f7c73c05
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7bb57d79-c4a8-4dac-8ecb-07482dd19bbe
PipelineId=5
ScriptName=
CommandLine= Add-Type -AssemblyName System.IO.Compression.FileSystem
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="AssemblyName"; value="System.IO.Compression.FileSystem"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1626 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fc1c15f4-ce93-435f-bf1f-6633f7c73c05
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7bb57d79-c4a8-4dac-8ecb-07482dd19bbe
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1625 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fc1c15f4-ce93-435f-bf1f-6633f7c73c05
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1624 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fc1c15f4-ce93-435f-bf1f-6633f7c73c05
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1623 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fc1c15f4-ce93-435f-bf1f-6633f7c73c05
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1622 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fc1c15f4-ce93-435f-bf1f-6633f7c73c05
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1621 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fc1c15f4-ce93-435f-bf1f-6633f7c73c05
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1620 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fc1c15f4-ce93-435f-bf1f-6633f7c73c05
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1619 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fc1c15f4-ce93-435f-bf1f-6633f7c73c05
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1618 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=fc1c15f4-ce93-435f-bf1f-6633f7c73c05
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1617 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=577488f0-665e-404f-98d4-c50953bd1edd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=8666972c-9fdc-43e7-9104-f56ab360d163
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1616 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=577488f0-665e-404f-98d4-c50953bd1edd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1615 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=577488f0-665e-404f-98d4-c50953bd1edd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1614 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=577488f0-665e-404f-98d4-c50953bd1edd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1613 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=577488f0-665e-404f-98d4-c50953bd1edd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1612 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=577488f0-665e-404f-98d4-c50953bd1edd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1611 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=577488f0-665e-404f-98d4-c50953bd1edd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1610 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=70673ff3-9a40-48df-9dd9-a96784833185
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=16e2e1fb-4fab-426a-bd25-8be1e406b84b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1609 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $webclient_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8b2484a3-cc91-4f94-ac38-a654223a13b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f20a60ba-8879-40d7-a2ae-9605b58145b6
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $webclient_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value=" using System.Net;
public class ExtendedWebClient : WebClient {
public int Timeout;
public ExtendedWebClient() {
Timeout = 600000; // Default timeout value
}
protected override WebRequest GetWebRequest(System.Uri address) {
WebRequest request = base.GetWebRequest(address);
request.Timeout = Timeout;
return request;
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1608 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8b2484a3-cc91-4f94-ac38-a654223a13b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f20a60ba-8879-40d7-a2ae-9605b58145b6
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1607 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8b2484a3-cc91-4f94-ac38-a654223a13b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1606 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8b2484a3-cc91-4f94-ac38-a654223a13b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1605 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8b2484a3-cc91-4f94-ac38-a654223a13b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1604 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8b2484a3-cc91-4f94-ac38-a654223a13b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1603 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8b2484a3-cc91-4f94-ac38-a654223a13b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1602 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8b2484a3-cc91-4f94-ac38-a654223a13b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1601 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8b2484a3-cc91-4f94-ac38-a654223a13b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1600 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8b2484a3-cc91-4f94-ac38-a654223a13b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1599 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=70673ff3-9a40-48df-9dd9-a96784833185
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=16e2e1fb-4fab-426a-bd25-8be1e406b84b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1598 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=70673ff3-9a40-48df-9dd9-a96784833185
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1597 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=70673ff3-9a40-48df-9dd9-a96784833185
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1596 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=70673ff3-9a40-48df-9dd9-a96784833185
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1595 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=70673ff3-9a40-48df-9dd9-a96784833185
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1594 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=70673ff3-9a40-48df-9dd9-a96784833185
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1593 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=70673ff3-9a40-48df-9dd9-a96784833185
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1592 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb9129e0-db30-4508-b658-5faf9c5f8b10
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=a5fec48a-c1ce-4130-a5b2-8b9ffe9d301e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1591 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2d55e62d-04ef-4253-9987-2e7a70ccf543
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=76d158f3-00ef-43c3-bde8-af1097b9d40b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1590 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2d55e62d-04ef-4253-9987-2e7a70ccf543
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1589 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2d55e62d-04ef-4253-9987-2e7a70ccf543
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1588 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2d55e62d-04ef-4253-9987-2e7a70ccf543
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1587 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2d55e62d-04ef-4253-9987-2e7a70ccf543
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1586 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2d55e62d-04ef-4253-9987-2e7a70ccf543
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1585 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2d55e62d-04ef-4253-9987-2e7a70ccf543
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1584 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2d55e62d-04ef-4253-9987-2e7a70ccf543
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1583 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2d55e62d-04ef-4253-9987-2e7a70ccf543
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1582 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb9129e0-db30-4508-b658-5faf9c5f8b10
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=a5fec48a-c1ce-4130-a5b2-8b9ffe9d301e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1581 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb9129e0-db30-4508-b658-5faf9c5f8b10
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1580 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb9129e0-db30-4508-b658-5faf9c5f8b10
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1579 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb9129e0-db30-4508-b658-5faf9c5f8b10
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1578 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb9129e0-db30-4508-b658-5faf9c5f8b10
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1577 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb9129e0-db30-4508-b658-5faf9c5f8b10
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1576 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb9129e0-db30-4508-b658-5faf9c5f8b10
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1575 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6456c034-ded1-4dbf-b0a1-3186137de342
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7f1b4e87-6f0a-4931-ba4a-4b1dd76349a9
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1574 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a168a02-f015-498b-8e7b-770713980b61
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjAHAAIAAtAHIAZQBjAHUAcgBzAGUAIAAiAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAdABtAHAAXABcAEYAcgBlAGUAUgBEAFAAIgAgAGMAOgBcAHcAaQBuAGQAbwB3AHMAXABzAHkAcwB0AGUAbQAzADIAXABXAGkAbgBkAG8AdwBzAFAAbwB3AGUAcgBTAGgAZQBsAGwAXAB2ADEALgAwAFwATQBvAGQAdQBsAGUAcwA=
EngineVersion=5.1.14393.1944
RunspaceId=59764a65-f779-4778-aa89-270396754bdc
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1573 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a168a02-f015-498b-8e7b-770713980b61
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjAHAAIAAtAHIAZQBjAHUAcgBzAGUAIAAiAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAdABtAHAAXABcAEYAcgBlAGUAUgBEAFAAIgAgAGMAOgBcAHcAaQBuAGQAbwB3AHMAXABzAHkAcwB0AGUAbQAzADIAXABXAGkAbgBkAG8AdwBzAFAAbwB3AGUAcgBTAGgAZQBsAGwAXAB2ADEALgAwAFwATQBvAGQAdQBsAGUAcwA=
EngineVersion=5.1.14393.1944
RunspaceId=59764a65-f779-4778-aa89-270396754bdc
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1572 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a168a02-f015-498b-8e7b-770713980b61
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjAHAAIAAtAHIAZQBjAHUAcgBzAGUAIAAiAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAdABtAHAAXABcAEYAcgBlAGUAUgBEAFAAIgAgAGMAOgBcAHcAaQBuAGQAbwB3AHMAXABzAHkAcwB0AGUAbQAzADIAXABXAGkAbgBkAG8AdwBzAFAAbwB3AGUAcgBTAGgAZQBsAGwAXAB2ADEALgAwAFwATQBvAGQAdQBsAGUAcwA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1571 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a168a02-f015-498b-8e7b-770713980b61
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjAHAAIAAtAHIAZQBjAHUAcgBzAGUAIAAiAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAdABtAHAAXABcAEYAcgBlAGUAUgBEAFAAIgAgAGMAOgBcAHcAaQBuAGQAbwB3AHMAXABzAHkAcwB0AGUAbQAzADIAXABXAGkAbgBkAG8AdwBzAFAAbwB3AGUAcgBTAGgAZQBsAGwAXAB2ADEALgAwAFwATQBvAGQAdQBsAGUAcwA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1570 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a168a02-f015-498b-8e7b-770713980b61
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjAHAAIAAtAHIAZQBjAHUAcgBzAGUAIAAiAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAdABtAHAAXABcAEYAcgBlAGUAUgBEAFAAIgAgAGMAOgBcAHcAaQBuAGQAbwB3AHMAXABzAHkAcwB0AGUAbQAzADIAXABXAGkAbgBkAG8AdwBzAFAAbwB3AGUAcgBTAGgAZQBsAGwAXAB2ADEALgAwAFwATQBvAGQAdQBsAGUAcwA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1569 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a168a02-f015-498b-8e7b-770713980b61
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjAHAAIAAtAHIAZQBjAHUAcgBzAGUAIAAiAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAdABtAHAAXABcAEYAcgBlAGUAUgBEAFAAIgAgAGMAOgBcAHcAaQBuAGQAbwB3AHMAXABzAHkAcwB0AGUAbQAzADIAXABXAGkAbgBkAG8AdwBzAFAAbwB3AGUAcgBTAGgAZQBsAGwAXAB2ADEALgAwAFwATQBvAGQAdQBsAGUAcwA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1568 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a168a02-f015-498b-8e7b-770713980b61
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjAHAAIAAtAHIAZQBjAHUAcgBzAGUAIAAiAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAdABtAHAAXABcAEYAcgBlAGUAUgBEAFAAIgAgAGMAOgBcAHcAaQBuAGQAbwB3AHMAXABzAHkAcwB0AGUAbQAzADIAXABXAGkAbgBkAG8AdwBzAFAAbwB3AGUAcgBTAGgAZQBsAGwAXAB2ADEALgAwAFwATQBvAGQAdQBsAGUAcwA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1567 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a168a02-f015-498b-8e7b-770713980b61
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjAHAAIAAtAHIAZQBjAHUAcgBzAGUAIAAiAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAdABtAHAAXABcAEYAcgBlAGUAUgBEAFAAIgAgAGMAOgBcAHcAaQBuAGQAbwB3AHMAXABzAHkAcwB0AGUAbQAzADIAXABXAGkAbgBkAG8AdwBzAFAAbwB3AGUAcgBTAGgAZQBsAGwAXAB2ADEALgAwAFwATQBvAGQAdQBsAGUAcwA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1566 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a7ffa2d4-ca2d-4246-8abf-57f0c7a98e3a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=3935b5a9-4f93-4eff-b085-b1db66415ccb
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1565 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a7ffa2d4-ca2d-4246-8abf-57f0c7a98e3a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=3935b5a9-4f93-4eff-b085-b1db66415ccb
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1564 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a7ffa2d4-ca2d-4246-8abf-57f0c7a98e3a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1563 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a7ffa2d4-ca2d-4246-8abf-57f0c7a98e3a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1562 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a7ffa2d4-ca2d-4246-8abf-57f0c7a98e3a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1561 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a7ffa2d4-ca2d-4246-8abf-57f0c7a98e3a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1560 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a7ffa2d4-ca2d-4246-8abf-57f0c7a98e3a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1559 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a7ffa2d4-ca2d-4246-8abf-57f0c7a98e3a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1558 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a7ffa2d4-ca2d-4246-8abf-57f0c7a98e3a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1557 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a7ffa2d4-ca2d-4246-8abf-57f0c7a98e3a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1556 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6456c034-ded1-4dbf-b0a1-3186137de342
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7f1b4e87-6f0a-4931-ba4a-4b1dd76349a9
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1555 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6456c034-ded1-4dbf-b0a1-3186137de342
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1554 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6456c034-ded1-4dbf-b0a1-3186137de342
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1553 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6456c034-ded1-4dbf-b0a1-3186137de342
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1552 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6456c034-ded1-4dbf-b0a1-3186137de342
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1551 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6456c034-ded1-4dbf-b0a1-3186137de342
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1550 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6456c034-ded1-4dbf-b0a1-3186137de342
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1549 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:42:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a8015cd-0852-4ce0-8f8a-3c4739ef3916
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f901b805-a764-4f0b-af12-52bbaa19813a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1548 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1a6ea94d-68dc-4fc4-9cd2-42af3d987c1a
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjAHAAIAAiAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAdABtAHAAXABcAEYAcgBlAGUAUgBEAFAAXABcACoAIgAgAGMAOgBcAFwAdwBpAG4AZABvAHcAcwA=
EngineVersion=5.1.14393.1944
RunspaceId=c2e387be-dc10-49f8-8d42-43e02bd6d60f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1547 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1a6ea94d-68dc-4fc4-9cd2-42af3d987c1a
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjAHAAIAAiAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAdABtAHAAXABcAEYAcgBlAGUAUgBEAFAAXABcACoAIgAgAGMAOgBcAFwAdwBpAG4AZABvAHcAcwA=
EngineVersion=5.1.14393.1944
RunspaceId=c2e387be-dc10-49f8-8d42-43e02bd6d60f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1546 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1a6ea94d-68dc-4fc4-9cd2-42af3d987c1a
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjAHAAIAAiAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAdABtAHAAXABcAEYAcgBlAGUAUgBEAFAAXABcACoAIgAgAGMAOgBcAFwAdwBpAG4AZABvAHcAcwA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1545 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1a6ea94d-68dc-4fc4-9cd2-42af3d987c1a
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjAHAAIAAiAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAdABtAHAAXABcAEYAcgBlAGUAUgBEAFAAXABcACoAIgAgAGMAOgBcAFwAdwBpAG4AZABvAHcAcwA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1544 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1a6ea94d-68dc-4fc4-9cd2-42af3d987c1a
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjAHAAIAAiAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAdABtAHAAXABcAEYAcgBlAGUAUgBEAFAAXABcACoAIgAgAGMAOgBcAFwAdwBpAG4AZABvAHcAcwA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1543 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1a6ea94d-68dc-4fc4-9cd2-42af3d987c1a
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjAHAAIAAiAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAdABtAHAAXABcAEYAcgBlAGUAUgBEAFAAXABcACoAIgAgAGMAOgBcAFwAdwBpAG4AZABvAHcAcwA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1542 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1a6ea94d-68dc-4fc4-9cd2-42af3d987c1a
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjAHAAIAAiAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAdABtAHAAXABcAEYAcgBlAGUAUgBEAFAAXABcACoAIgAgAGMAOgBcAFwAdwBpAG4AZABvAHcAcwA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1541 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1a6ea94d-68dc-4fc4-9cd2-42af3d987c1a
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjAHAAIAAiAGMAOgBcAG8AcABlAG4AcwB0AGEAYwBrAFwAdABtAHAAXABcAEYAcgBlAGUAUgBEAFAAXABcACoAIgAgAGMAOgBcAFwAdwBpAG4AZABvAHcAcwA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1540 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5af3b4df-ff83-4449-947f-9ea9e661db20
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ae11e48f-fb4c-4967-8c16-fe9c20c49893
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1539 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5af3b4df-ff83-4449-947f-9ea9e661db20
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ae11e48f-fb4c-4967-8c16-fe9c20c49893
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1538 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5af3b4df-ff83-4449-947f-9ea9e661db20
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1537 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5af3b4df-ff83-4449-947f-9ea9e661db20
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1536 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5af3b4df-ff83-4449-947f-9ea9e661db20
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1535 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5af3b4df-ff83-4449-947f-9ea9e661db20
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1534 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5af3b4df-ff83-4449-947f-9ea9e661db20
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1533 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5af3b4df-ff83-4449-947f-9ea9e661db20
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1532 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5af3b4df-ff83-4449-947f-9ea9e661db20
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1531 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5af3b4df-ff83-4449-947f-9ea9e661db20
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1530 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a8015cd-0852-4ce0-8f8a-3c4739ef3916
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f901b805-a764-4f0b-af12-52bbaa19813a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1529 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a8015cd-0852-4ce0-8f8a-3c4739ef3916
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1528 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a8015cd-0852-4ce0-8f8a-3c4739ef3916
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1527 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a8015cd-0852-4ce0-8f8a-3c4739ef3916
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1526 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a8015cd-0852-4ce0-8f8a-3c4739ef3916
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1525 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a8015cd-0852-4ce0-8f8a-3c4739ef3916
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1524 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a8015cd-0852-4ce0-8f8a-3c4739ef3916
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1523 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9c4a2c9e-9b63-413e-b84b-9ceac9ec361b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=e95f07af-621c-4192-b75f-2bd485c1e5de
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1522 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -AssemblyName System.IO.Compression.FileSystem
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=98672839-cd0f-48a3-8552-21eaf655da09
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=280aba57-85e7-442c-acb4-5a15199a8558
PipelineId=5
ScriptName=
CommandLine= Add-Type -AssemblyName System.IO.Compression.FileSystem
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="AssemblyName"; value="System.IO.Compression.FileSystem"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1521 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=98672839-cd0f-48a3-8552-21eaf655da09
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=280aba57-85e7-442c-acb4-5a15199a8558
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1520 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=98672839-cd0f-48a3-8552-21eaf655da09
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1519 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=98672839-cd0f-48a3-8552-21eaf655da09
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1518 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=98672839-cd0f-48a3-8552-21eaf655da09
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1517 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=98672839-cd0f-48a3-8552-21eaf655da09
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1516 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=98672839-cd0f-48a3-8552-21eaf655da09
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1515 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=98672839-cd0f-48a3-8552-21eaf655da09
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1514 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=98672839-cd0f-48a3-8552-21eaf655da09
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1513 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=98672839-cd0f-48a3-8552-21eaf655da09
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1512 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9c4a2c9e-9b63-413e-b84b-9ceac9ec361b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=e95f07af-621c-4192-b75f-2bd485c1e5de
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1511 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9c4a2c9e-9b63-413e-b84b-9ceac9ec361b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1510 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9c4a2c9e-9b63-413e-b84b-9ceac9ec361b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1509 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9c4a2c9e-9b63-413e-b84b-9ceac9ec361b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1508 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9c4a2c9e-9b63-413e-b84b-9ceac9ec361b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1507 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9c4a2c9e-9b63-413e-b84b-9ceac9ec361b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1506 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9c4a2c9e-9b63-413e-b84b-9ceac9ec361b
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1505 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=420b1e6f-4a52-489a-8d39-26b9cc1593c7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f4f1b547-9999-4d97-b816-bb94b9d18497
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1504 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $webclient_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b9e2989f-f708-4cbc-9dcd-356848e0576f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=2bf6d303-8bfd-41c5-9131-404f8e2f5116
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $webclient_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value=" using System.Net;
public class ExtendedWebClient : WebClient {
public int Timeout;
public ExtendedWebClient() {
Timeout = 600000; // Default timeout value
}
protected override WebRequest GetWebRequest(System.Uri address) {
WebRequest request = base.GetWebRequest(address);
request.Timeout = Timeout;
return request;
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1503 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b9e2989f-f708-4cbc-9dcd-356848e0576f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=2bf6d303-8bfd-41c5-9131-404f8e2f5116
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1502 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b9e2989f-f708-4cbc-9dcd-356848e0576f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1501 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b9e2989f-f708-4cbc-9dcd-356848e0576f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1500 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b9e2989f-f708-4cbc-9dcd-356848e0576f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1499 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b9e2989f-f708-4cbc-9dcd-356848e0576f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1498 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b9e2989f-f708-4cbc-9dcd-356848e0576f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1497 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b9e2989f-f708-4cbc-9dcd-356848e0576f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1496 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b9e2989f-f708-4cbc-9dcd-356848e0576f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1495 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b9e2989f-f708-4cbc-9dcd-356848e0576f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1494 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=420b1e6f-4a52-489a-8d39-26b9cc1593c7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f4f1b547-9999-4d97-b816-bb94b9d18497
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1493 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=420b1e6f-4a52-489a-8d39-26b9cc1593c7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1492 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=420b1e6f-4a52-489a-8d39-26b9cc1593c7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1491 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=420b1e6f-4a52-489a-8d39-26b9cc1593c7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1490 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=420b1e6f-4a52-489a-8d39-26b9cc1593c7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1489 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=420b1e6f-4a52-489a-8d39-26b9cc1593c7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1488 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=420b1e6f-4a52-489a-8d39-26b9cc1593c7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1487 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=74e76430-5715-429d-89a8-c05709bc6a63
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=87a2b1da-fb9a-45b8-bcd4-186f1952b516
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1486 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5fdf7f3b-2175-4f28-997b-adcd09eac206
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0e4dab91-1009-4531-baaf-6f425d6bf1d1
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1485 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5fdf7f3b-2175-4f28-997b-adcd09eac206
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1484 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5fdf7f3b-2175-4f28-997b-adcd09eac206
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1483 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5fdf7f3b-2175-4f28-997b-adcd09eac206
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1482 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5fdf7f3b-2175-4f28-997b-adcd09eac206
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1481 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5fdf7f3b-2175-4f28-997b-adcd09eac206
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1480 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5fdf7f3b-2175-4f28-997b-adcd09eac206
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1479 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5fdf7f3b-2175-4f28-997b-adcd09eac206
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1478 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5fdf7f3b-2175-4f28-997b-adcd09eac206
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1477 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=74e76430-5715-429d-89a8-c05709bc6a63
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=87a2b1da-fb9a-45b8-bcd4-186f1952b516
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1476 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=74e76430-5715-429d-89a8-c05709bc6a63
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1475 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=74e76430-5715-429d-89a8-c05709bc6a63
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1474 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=74e76430-5715-429d-89a8-c05709bc6a63
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1473 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=74e76430-5715-429d-89a8-c05709bc6a63
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1472 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=74e76430-5715-429d-89a8-c05709bc6a63
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1471 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=74e76430-5715-429d-89a8-c05709bc6a63
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1470 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ae61f83-7746-495c-8c94-75b26e4af419
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=e9fbea83-f577-465b-b8fe-8de98a8eba69
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1469 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=342de640-ceaa-4d61-866d-b9428f72505e
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAdgBjAHIAZQBkAGkAcwB0AF8AeAA4ADYALgBlAHgAZQAgAC8AcQA=
EngineVersion=5.1.14393.1944
RunspaceId=99dab3f9-2ce7-4834-8595-a69294189a42
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1468 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=342de640-ceaa-4d61-866d-b9428f72505e
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAdgBjAHIAZQBkAGkAcwB0AF8AeAA4ADYALgBlAHgAZQAgAC8AcQA=
EngineVersion=5.1.14393.1944
RunspaceId=99dab3f9-2ce7-4834-8595-a69294189a42
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1467 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=342de640-ceaa-4d61-866d-b9428f72505e
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAdgBjAHIAZQBkAGkAcwB0AF8AeAA4ADYALgBlAHgAZQAgAC8AcQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1466 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=342de640-ceaa-4d61-866d-b9428f72505e
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAdgBjAHIAZQBkAGkAcwB0AF8AeAA4ADYALgBlAHgAZQAgAC8AcQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1465 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=342de640-ceaa-4d61-866d-b9428f72505e
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAdgBjAHIAZQBkAGkAcwB0AF8AeAA4ADYALgBlAHgAZQAgAC8AcQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1464 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=342de640-ceaa-4d61-866d-b9428f72505e
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAdgBjAHIAZQBkAGkAcwB0AF8AeAA4ADYALgBlAHgAZQAgAC8AcQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1463 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=342de640-ceaa-4d61-866d-b9428f72505e
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAdgBjAHIAZQBkAGkAcwB0AF8AeAA4ADYALgBlAHgAZQAgAC8AcQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1462 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=342de640-ceaa-4d61-866d-b9428f72505e
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAdgBjAHIAZQBkAGkAcwB0AF8AeAA4ADYALgBlAHgAZQAgAC8AcQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1461 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=61418eeb-b4b4-4f6d-91dc-92ebd5e34f73
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=41151e4c-cb23-467d-bcd4-0313f4d8c6db
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1460 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=61418eeb-b4b4-4f6d-91dc-92ebd5e34f73
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=41151e4c-cb23-467d-bcd4-0313f4d8c6db
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1459 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=61418eeb-b4b4-4f6d-91dc-92ebd5e34f73
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1458 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=61418eeb-b4b4-4f6d-91dc-92ebd5e34f73
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1457 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=61418eeb-b4b4-4f6d-91dc-92ebd5e34f73
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1456 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=61418eeb-b4b4-4f6d-91dc-92ebd5e34f73
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1455 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=61418eeb-b4b4-4f6d-91dc-92ebd5e34f73
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1454 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=61418eeb-b4b4-4f6d-91dc-92ebd5e34f73
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1453 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=61418eeb-b4b4-4f6d-91dc-92ebd5e34f73
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1452 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=61418eeb-b4b4-4f6d-91dc-92ebd5e34f73
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1451 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ae61f83-7746-495c-8c94-75b26e4af419
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=e9fbea83-f577-465b-b8fe-8de98a8eba69
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1450 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ae61f83-7746-495c-8c94-75b26e4af419
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1449 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ae61f83-7746-495c-8c94-75b26e4af419
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1448 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ae61f83-7746-495c-8c94-75b26e4af419
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1447 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ae61f83-7746-495c-8c94-75b26e4af419
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1446 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ae61f83-7746-495c-8c94-75b26e4af419
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1445 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ae61f83-7746-495c-8c94-75b26e4af419
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1444 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=57420c04-465e-497a-ac13-9db792391b81
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=db6ae91d-a733-41f7-955b-a84faa8dc77a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1443 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $webclient_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d691d4e7-16c8-4d64-a868-4babf7f8134e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ff2626e8-e725-48bb-9544-6124d9b03ac6
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $webclient_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value=" using System.Net;
public class ExtendedWebClient : WebClient {
public int Timeout;
public ExtendedWebClient() {
Timeout = 600000; // Default timeout value
}
protected override WebRequest GetWebRequest(System.Uri address) {
WebRequest request = base.GetWebRequest(address);
request.Timeout = Timeout;
return request;
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1442 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d691d4e7-16c8-4d64-a868-4babf7f8134e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ff2626e8-e725-48bb-9544-6124d9b03ac6
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1441 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d691d4e7-16c8-4d64-a868-4babf7f8134e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1440 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d691d4e7-16c8-4d64-a868-4babf7f8134e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1439 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d691d4e7-16c8-4d64-a868-4babf7f8134e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1438 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d691d4e7-16c8-4d64-a868-4babf7f8134e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1437 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d691d4e7-16c8-4d64-a868-4babf7f8134e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1436 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d691d4e7-16c8-4d64-a868-4babf7f8134e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1435 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d691d4e7-16c8-4d64-a868-4babf7f8134e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1434 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d691d4e7-16c8-4d64-a868-4babf7f8134e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1433 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=57420c04-465e-497a-ac13-9db792391b81
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=db6ae91d-a733-41f7-955b-a84faa8dc77a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1432 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=57420c04-465e-497a-ac13-9db792391b81
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1431 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=57420c04-465e-497a-ac13-9db792391b81
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1430 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=57420c04-465e-497a-ac13-9db792391b81
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1429 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=57420c04-465e-497a-ac13-9db792391b81
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1428 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=57420c04-465e-497a-ac13-9db792391b81
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1427 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=57420c04-465e-497a-ac13-9db792391b81
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1426 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4f9c8428-16de-4916-8d16-946c648ee905
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=c3723faa-4522-4e9e-aaaf-f8e941c72a39
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1425 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=94ded20e-887a-485f-ae9d-444e6c628ff6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=eea5e698-09ed-4909-80f3-355808f67d8b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1424 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=94ded20e-887a-485f-ae9d-444e6c628ff6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1423 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=94ded20e-887a-485f-ae9d-444e6c628ff6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1422 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=94ded20e-887a-485f-ae9d-444e6c628ff6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1421 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=94ded20e-887a-485f-ae9d-444e6c628ff6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1420 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=94ded20e-887a-485f-ae9d-444e6c628ff6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1419 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=94ded20e-887a-485f-ae9d-444e6c628ff6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1418 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=94ded20e-887a-485f-ae9d-444e6c628ff6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1417 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=94ded20e-887a-485f-ae9d-444e6c628ff6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1416 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4f9c8428-16de-4916-8d16-946c648ee905
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=c3723faa-4522-4e9e-aaaf-f8e941c72a39
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1415 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4f9c8428-16de-4916-8d16-946c648ee905
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1414 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4f9c8428-16de-4916-8d16-946c648ee905
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1413 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4f9c8428-16de-4916-8d16-946c648ee905
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1412 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4f9c8428-16de-4916-8d16-946c648ee905
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1411 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4f9c8428-16de-4916-8d16-946c648ee905
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1410 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4f9c8428-16de-4916-8d16-946c648ee905
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1409 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0809a695-7f47-4a8f-84d7-b195e5e40d19
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7070a8f0-1d29-4c69-82d2-4da42042e78b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1408 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=945938a3-e510-48bd-875b-91bc38e1144d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFcAbQBpAE8AYgBqAGUAYwB0ACAAVwBpAG4AMwAyAF8AUAByAG8AZAB1AGMAdAAgAC0ARgBpAGwAdABlAHIAIAAiAE4AYQBtAGUAIABMAEkASwBFACAAJwAlAFYAaQBzAHUAYQBsACAAQwArACsAIAAyADAAMQAyACAAeAA4ADYAJQAnACIA
EngineVersion=5.1.14393.1944
RunspaceId=94e89012-4bf6-4fac-9bcb-31be84caeba2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1407 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=945938a3-e510-48bd-875b-91bc38e1144d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFcAbQBpAE8AYgBqAGUAYwB0ACAAVwBpAG4AMwAyAF8AUAByAG8AZAB1AGMAdAAgAC0ARgBpAGwAdABlAHIAIAAiAE4AYQBtAGUAIABMAEkASwBFACAAJwAlAFYAaQBzAHUAYQBsACAAQwArACsAIAAyADAAMQAyACAAeAA4ADYAJQAnACIA
EngineVersion=5.1.14393.1944
RunspaceId=94e89012-4bf6-4fac-9bcb-31be84caeba2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1406 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=945938a3-e510-48bd-875b-91bc38e1144d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFcAbQBpAE8AYgBqAGUAYwB0ACAAVwBpAG4AMwAyAF8AUAByAG8AZAB1AGMAdAAgAC0ARgBpAGwAdABlAHIAIAAiAE4AYQBtAGUAIABMAEkASwBFACAAJwAlAFYAaQBzAHUAYQBsACAAQwArACsAIAAyADAAMQAyACAAeAA4ADYAJQAnACIA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1405 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=945938a3-e510-48bd-875b-91bc38e1144d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFcAbQBpAE8AYgBqAGUAYwB0ACAAVwBpAG4AMwAyAF8AUAByAG8AZAB1AGMAdAAgAC0ARgBpAGwAdABlAHIAIAAiAE4AYQBtAGUAIABMAEkASwBFACAAJwAlAFYAaQBzAHUAYQBsACAAQwArACsAIAAyADAAMQAyACAAeAA4ADYAJQAnACIA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1404 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=945938a3-e510-48bd-875b-91bc38e1144d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFcAbQBpAE8AYgBqAGUAYwB0ACAAVwBpAG4AMwAyAF8AUAByAG8AZAB1AGMAdAAgAC0ARgBpAGwAdABlAHIAIAAiAE4AYQBtAGUAIABMAEkASwBFACAAJwAlAFYAaQBzAHUAYQBsACAAQwArACsAIAAyADAAMQAyACAAeAA4ADYAJQAnACIA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1403 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=945938a3-e510-48bd-875b-91bc38e1144d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFcAbQBpAE8AYgBqAGUAYwB0ACAAVwBpAG4AMwAyAF8AUAByAG8AZAB1AGMAdAAgAC0ARgBpAGwAdABlAHIAIAAiAE4AYQBtAGUAIABMAEkASwBFACAAJwAlAFYAaQBzAHUAYQBsACAAQwArACsAIAAyADAAMQAyACAAeAA4ADYAJQAnACIA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1402 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=945938a3-e510-48bd-875b-91bc38e1144d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFcAbQBpAE8AYgBqAGUAYwB0ACAAVwBpAG4AMwAyAF8AUAByAG8AZAB1AGMAdAAgAC0ARgBpAGwAdABlAHIAIAAiAE4AYQBtAGUAIABMAEkASwBFACAAJwAlAFYAaQBzAHUAYQBsACAAQwArACsAIAAyADAAMQAyACAAeAA4ADYAJQAnACIA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1401 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=945938a3-e510-48bd-875b-91bc38e1144d
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABHAGUAdAAtAFcAbQBpAE8AYgBqAGUAYwB0ACAAVwBpAG4AMwAyAF8AUAByAG8AZAB1AGMAdAAgAC0ARgBpAGwAdABlAHIAIAAiAE4AYQBtAGUAIABMAEkASwBFACAAJwAlAFYAaQBzAHUAYQBsACAAQwArACsAIAAyADAAMQAyACAAeAA4ADYAJQAnACIA
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1400 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5448f690-2e45-4259-9427-9c6feead1f56
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=a8f55674-72a1-4ca8-be1c-ab63b1b8aed7
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1399 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5448f690-2e45-4259-9427-9c6feead1f56
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=a8f55674-72a1-4ca8-be1c-ab63b1b8aed7
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1398 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5448f690-2e45-4259-9427-9c6feead1f56
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1397 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5448f690-2e45-4259-9427-9c6feead1f56
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1396 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5448f690-2e45-4259-9427-9c6feead1f56
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1395 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5448f690-2e45-4259-9427-9c6feead1f56
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1394 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5448f690-2e45-4259-9427-9c6feead1f56
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1393 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5448f690-2e45-4259-9427-9c6feead1f56
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1392 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5448f690-2e45-4259-9427-9c6feead1f56
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1391 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5448f690-2e45-4259-9427-9c6feead1f56
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1390 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0809a695-7f47-4a8f-84d7-b195e5e40d19
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7070a8f0-1d29-4c69-82d2-4da42042e78b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1389 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0809a695-7f47-4a8f-84d7-b195e5e40d19
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1388 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0809a695-7f47-4a8f-84d7-b195e5e40d19
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1387 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0809a695-7f47-4a8f-84d7-b195e5e40d19
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1386 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0809a695-7f47-4a8f-84d7-b195e5e40d19
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1385 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0809a695-7f47-4a8f-84d7-b195e5e40d19
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1384 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0809a695-7f47-4a8f-84d7-b195e5e40d19
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1383 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7861b59b-d96f-4c09-b6a3-4052d61957a7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d9ac040d-2811-49dd-adab-eadc7a60912e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1382 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f2a958ba-e0c3-4e55-a6c8-6248ac901304
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=57e95a5c-8258-4067-8f4d-fbe07f29374d
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1381 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f2a958ba-e0c3-4e55-a6c8-6248ac901304
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1380 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f2a958ba-e0c3-4e55-a6c8-6248ac901304
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1379 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f2a958ba-e0c3-4e55-a6c8-6248ac901304
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1378 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f2a958ba-e0c3-4e55-a6c8-6248ac901304
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1377 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f2a958ba-e0c3-4e55-a6c8-6248ac901304
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1376 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f2a958ba-e0c3-4e55-a6c8-6248ac901304
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1375 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f2a958ba-e0c3-4e55-a6c8-6248ac901304
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1374 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f2a958ba-e0c3-4e55-a6c8-6248ac901304
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1373 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7861b59b-d96f-4c09-b6a3-4052d61957a7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d9ac040d-2811-49dd-adab-eadc7a60912e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1372 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7861b59b-d96f-4c09-b6a3-4052d61957a7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1371 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7861b59b-d96f-4c09-b6a3-4052d61957a7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1370 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7861b59b-d96f-4c09-b6a3-4052d61957a7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1369 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7861b59b-d96f-4c09-b6a3-4052d61957a7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1368 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7861b59b-d96f-4c09-b6a3-4052d61957a7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1367 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7861b59b-d96f-4c09-b6a3-4052d61957a7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1366 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e91edd6e-909a-417a-b8fd-7737e024afbd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d9169257-b621-4851-9329-8259800a53c1
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1365 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:41:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8dd4e1f1-3fc1-4f46-a783-c3de8923ad21
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAZwBpAHQALQBpAG4AcwB0AGEAbABsAGUAcgAuAGUAeABlACAALwBzAGkAbABlAG4AdAA=
EngineVersion=5.1.14393.1944
RunspaceId=c8c7822a-5e3d-4dac-bad4-f3886afbf982
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1364 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8dd4e1f1-3fc1-4f46-a783-c3de8923ad21
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAZwBpAHQALQBpAG4AcwB0AGEAbABsAGUAcgAuAGUAeABlACAALwBzAGkAbABlAG4AdAA=
EngineVersion=5.1.14393.1944
RunspaceId=c8c7822a-5e3d-4dac-bad4-f3886afbf982
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1363 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8dd4e1f1-3fc1-4f46-a783-c3de8923ad21
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAZwBpAHQALQBpAG4AcwB0AGEAbABsAGUAcgAuAGUAeABlACAALwBzAGkAbABlAG4AdAA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1362 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8dd4e1f1-3fc1-4f46-a783-c3de8923ad21
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAZwBpAHQALQBpAG4AcwB0AGEAbABsAGUAcgAuAGUAeABlACAALwBzAGkAbABlAG4AdAA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1361 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8dd4e1f1-3fc1-4f46-a783-c3de8923ad21
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAZwBpAHQALQBpAG4AcwB0AGEAbABsAGUAcgAuAGUAeABlACAALwBzAGkAbABlAG4AdAA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1360 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8dd4e1f1-3fc1-4f46-a783-c3de8923ad21
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAZwBpAHQALQBpAG4AcwB0AGEAbABsAGUAcgAuAGUAeABlACAALwBzAGkAbABlAG4AdAA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1359 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8dd4e1f1-3fc1-4f46-a783-c3de8923ad21
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAZwBpAHQALQBpAG4AcwB0AGEAbABsAGUAcgAuAGUAeABlACAALwBzAGkAbABlAG4AdAA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1358 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8dd4e1f1-3fc1-4f46-a783-c3de8923ad21
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAZwBpAHQALQBpAG4AcwB0AGEAbABsAGUAcgAuAGUAeABlACAALwBzAGkAbABlAG4AdAA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1357 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4dfd941e-a307-4b48-9b23-d0f84db1d5b3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=66ba40aa-af73-4632-b758-a928af03dc48
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1356 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4dfd941e-a307-4b48-9b23-d0f84db1d5b3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=66ba40aa-af73-4632-b758-a928af03dc48
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1355 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4dfd941e-a307-4b48-9b23-d0f84db1d5b3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1354 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4dfd941e-a307-4b48-9b23-d0f84db1d5b3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1353 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4dfd941e-a307-4b48-9b23-d0f84db1d5b3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1352 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4dfd941e-a307-4b48-9b23-d0f84db1d5b3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1351 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4dfd941e-a307-4b48-9b23-d0f84db1d5b3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1350 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4dfd941e-a307-4b48-9b23-d0f84db1d5b3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1349 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4dfd941e-a307-4b48-9b23-d0f84db1d5b3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1348 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4dfd941e-a307-4b48-9b23-d0f84db1d5b3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1347 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e91edd6e-909a-417a-b8fd-7737e024afbd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d9169257-b621-4851-9329-8259800a53c1
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1346 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e91edd6e-909a-417a-b8fd-7737e024afbd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1345 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e91edd6e-909a-417a-b8fd-7737e024afbd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1344 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e91edd6e-909a-417a-b8fd-7737e024afbd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1343 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e91edd6e-909a-417a-b8fd-7737e024afbd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1342 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e91edd6e-909a-417a-b8fd-7737e024afbd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1341 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e91edd6e-909a-417a-b8fd-7737e024afbd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1340 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=42f86ea1-aa8d-4ca0-935f-476863aadfd2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=51432ebd-3622-4f71-838c-b0121facdeac
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1339 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $webclient_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=565726c7-f83a-4a4c-ad65-01bda22d4226
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=1ddf4d2a-942d-4d09-b1bb-92b650d7bb2b
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $webclient_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value=" using System.Net;
public class ExtendedWebClient : WebClient {
public int Timeout;
public ExtendedWebClient() {
Timeout = 600000; // Default timeout value
}
protected override WebRequest GetWebRequest(System.Uri address) {
WebRequest request = base.GetWebRequest(address);
request.Timeout = Timeout;
return request;
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1338 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=565726c7-f83a-4a4c-ad65-01bda22d4226
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=1ddf4d2a-942d-4d09-b1bb-92b650d7bb2b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1337 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=565726c7-f83a-4a4c-ad65-01bda22d4226
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1336 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=565726c7-f83a-4a4c-ad65-01bda22d4226
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1335 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=565726c7-f83a-4a4c-ad65-01bda22d4226
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1334 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=565726c7-f83a-4a4c-ad65-01bda22d4226
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1333 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=565726c7-f83a-4a4c-ad65-01bda22d4226
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1332 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=565726c7-f83a-4a4c-ad65-01bda22d4226
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1331 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=565726c7-f83a-4a4c-ad65-01bda22d4226
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1330 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=565726c7-f83a-4a4c-ad65-01bda22d4226
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1329 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=42f86ea1-aa8d-4ca0-935f-476863aadfd2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=51432ebd-3622-4f71-838c-b0121facdeac
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1328 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=42f86ea1-aa8d-4ca0-935f-476863aadfd2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1327 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=42f86ea1-aa8d-4ca0-935f-476863aadfd2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1326 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=42f86ea1-aa8d-4ca0-935f-476863aadfd2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1325 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=42f86ea1-aa8d-4ca0-935f-476863aadfd2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1324 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=42f86ea1-aa8d-4ca0-935f-476863aadfd2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1323 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=42f86ea1-aa8d-4ca0-935f-476863aadfd2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1322 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1a4d1ec3-f908-4c5e-94c9-9da8e621fb06
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=45ea51ea-f525-4f25-894b-6572c1b54edc
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1321 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5c5de784-8b59-4338-97f3-23b6dd06c0ab
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=da0a5d5a-918e-4ca1-87fb-ed0b2d1e8636
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1320 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5c5de784-8b59-4338-97f3-23b6dd06c0ab
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1319 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5c5de784-8b59-4338-97f3-23b6dd06c0ab
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1318 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5c5de784-8b59-4338-97f3-23b6dd06c0ab
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1317 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5c5de784-8b59-4338-97f3-23b6dd06c0ab
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1316 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5c5de784-8b59-4338-97f3-23b6dd06c0ab
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1315 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5c5de784-8b59-4338-97f3-23b6dd06c0ab
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1314 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5c5de784-8b59-4338-97f3-23b6dd06c0ab
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1313 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=5c5de784-8b59-4338-97f3-23b6dd06c0ab
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1312 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1a4d1ec3-f908-4c5e-94c9-9da8e621fb06
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=45ea51ea-f525-4f25-894b-6572c1b54edc
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1311 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1a4d1ec3-f908-4c5e-94c9-9da8e621fb06
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1310 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1a4d1ec3-f908-4c5e-94c9-9da8e621fb06
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1309 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1a4d1ec3-f908-4c5e-94c9-9da8e621fb06
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1308 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1a4d1ec3-f908-4c5e-94c9-9da8e621fb06
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1307 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1a4d1ec3-f908-4c5e-94c9-9da8e621fb06
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1306 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1a4d1ec3-f908-4c5e-94c9-9da8e621fb06
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1305 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=efc65f3e-397e-46b5-831f-1dcc34960173
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAwAEEARABRAEEATQBBAEEAdQBBAEQAVQBBAE4AQQBBAHQAQQBEAFUAQQBNAFEAQQB4AEEARABnAEEATgBRAEEAdwBBAEQATQBBAE8AUQBBAHkAQQBEAFUAQQBOAFEAQQAwAEEARABRAEEATgBRAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=5.1.14393.1944
RunspaceId=6f790c03-553a-43e4-a07f-779b59d8fd67
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1304 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2e679d36-de17-4aeb-ba04-bd732aefef52
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADQAMAAuADUANAAtADUAMQAxADgANQAwADMAOQAyADUANQA0ADQANQAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=61ef6a5b-8b85-4e82-b0c1-b538297aaed6
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1303 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2e679d36-de17-4aeb-ba04-bd732aefef52
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADQAMAAuADUANAAtADUAMQAxADgANQAwADMAOQAyADUANQA0ADQANQAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=61ef6a5b-8b85-4e82-b0c1-b538297aaed6
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1302 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2e679d36-de17-4aeb-ba04-bd732aefef52
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADQAMAAuADUANAAtADUAMQAxADgANQAwADMAOQAyADUANQA0ADQANQAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1301 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2e679d36-de17-4aeb-ba04-bd732aefef52
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADQAMAAuADUANAAtADUAMQAxADgANQAwADMAOQAyADUANQA0ADQANQAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1300 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2e679d36-de17-4aeb-ba04-bd732aefef52
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADQAMAAuADUANAAtADUAMQAxADgANQAwADMAOQAyADUANQA0ADQANQAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1299 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2e679d36-de17-4aeb-ba04-bd732aefef52
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADQAMAAuADUANAAtADUAMQAxADgANQAwADMAOQAyADUANQA0ADQANQAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1298 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2e679d36-de17-4aeb-ba04-bd732aefef52
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADQAMAAuADUANAAtADUAMQAxADgANQAwADMAOQAyADUANQA0ADQANQAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1297 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2e679d36-de17-4aeb-ba04-bd732aefef52
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADQAMAAuADUANAAtADUAMQAxADgANQAwADMAOQAyADUANQA0ADQANQAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1296 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=efc65f3e-397e-46b5-831f-1dcc34960173
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAwAEEARABRAEEATQBBAEEAdQBBAEQAVQBBAE4AQQBBAHQAQQBEAFUAQQBNAFEAQQB4AEEARABnAEEATgBRAEEAdwBBAEQATQBBAE8AUQBBAHkAQQBEAFUAQQBOAFEAQQAwAEEARABRAEEATgBRAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=5.1.14393.1944
RunspaceId=6f790c03-553a-43e4-a07f-779b59d8fd67
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1295 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=efc65f3e-397e-46b5-831f-1dcc34960173
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAwAEEARABRAEEATQBBAEEAdQBBAEQAVQBBAE4AQQBBAHQAQQBEAFUAQQBNAFEAQQB4AEEARABnAEEATgBRAEEAdwBBAEQATQBBAE8AUQBBAHkAQQBEAFUAQQBOAFEAQQAwAEEARABRAEEATgBRAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1294 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=efc65f3e-397e-46b5-831f-1dcc34960173
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAwAEEARABRAEEATQBBAEEAdQBBAEQAVQBBAE4AQQBBAHQAQQBEAFUAQQBNAFEAQQB4AEEARABnAEEATgBRAEEAdwBBAEQATQBBAE8AUQBBAHkAQQBEAFUAQQBOAFEAQQAwAEEARABRAEEATgBRAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1293 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=efc65f3e-397e-46b5-831f-1dcc34960173
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAwAEEARABRAEEATQBBAEEAdQBBAEQAVQBBAE4AQQBBAHQAQQBEAFUAQQBNAFEAQQB4AEEARABnAEEATgBRAEEAdwBBAEQATQBBAE8AUQBBAHkAQQBEAFUAQQBOAFEAQQAwAEEARABRAEEATgBRAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1292 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=efc65f3e-397e-46b5-831f-1dcc34960173
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAwAEEARABRAEEATQBBAEEAdQBBAEQAVQBBAE4AQQBBAHQAQQBEAFUAQQBNAFEAQQB4AEEARABnAEEATgBRAEEAdwBBAEQATQBBAE8AUQBBAHkAQQBEAFUAQQBOAFEAQQAwAEEARABRAEEATgBRAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1291 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=efc65f3e-397e-46b5-831f-1dcc34960173
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAwAEEARABRAEEATQBBAEEAdQBBAEQAVQBBAE4AQQBBAHQAQQBEAFUAQQBNAFEAQQB4AEEARABnAEEATgBRAEEAdwBBAEQATQBBAE8AUQBBAHkAQQBEAFUAQQBOAFEAQQAwAEEARABRAEEATgBRAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1290 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=efc65f3e-397e-46b5-831f-1dcc34960173
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAwAEEARABRAEEATQBBAEEAdQBBAEQAVQBBAE4AQQBBAHQAQQBEAFUAQQBNAFEAQQB4AEEARABnAEEATgBRAEEAdwBBAEQATQBBAE8AUQBBAHkAQQBEAFUAQQBOAFEAQQAwAEEARABRAEEATgBRAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1289 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2b7e5a35-0a1d-4600-96a1-02e77c46ea6a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=5276f0eb-2594-486e-9e85-e58c39fdb413
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1288 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0cb7fb52-8347-4dd0-a289-79508c1b9314
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=8569f172-3ee6-4fff-a1f1-69f5d131072c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1287 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0cb7fb52-8347-4dd0-a289-79508c1b9314
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1286 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0cb7fb52-8347-4dd0-a289-79508c1b9314
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1285 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0cb7fb52-8347-4dd0-a289-79508c1b9314
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1284 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0cb7fb52-8347-4dd0-a289-79508c1b9314
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1283 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0cb7fb52-8347-4dd0-a289-79508c1b9314
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1282 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0cb7fb52-8347-4dd0-a289-79508c1b9314
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1281 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0cb7fb52-8347-4dd0-a289-79508c1b9314
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1280 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0cb7fb52-8347-4dd0-a289-79508c1b9314
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1279 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2b7e5a35-0a1d-4600-96a1-02e77c46ea6a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=5276f0eb-2594-486e-9e85-e58c39fdb413
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1278 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2b7e5a35-0a1d-4600-96a1-02e77c46ea6a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1277 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2b7e5a35-0a1d-4600-96a1-02e77c46ea6a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1276 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2b7e5a35-0a1d-4600-96a1-02e77c46ea6a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1275 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2b7e5a35-0a1d-4600-96a1-02e77c46ea6a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1274 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2b7e5a35-0a1d-4600-96a1-02e77c46ea6a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1273 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2b7e5a35-0a1d-4600-96a1-02e77c46ea6a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1272 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4c1bcb48-55a8-4a51-a0ba-43b86603df8e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADQAMAAuADUANAAtADUAMQAxADgANQAwADMAOQAyADUANQA0ADQANQBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=5.1.14393.1944
RunspaceId=8ca65d4b-3e8e-41dc-a0a0-b65f20e83732
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1271 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4c1bcb48-55a8-4a51-a0ba-43b86603df8e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADQAMAAuADUANAAtADUAMQAxADgANQAwADMAOQAyADUANQA0ADQANQBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=5.1.14393.1944
RunspaceId=8ca65d4b-3e8e-41dc-a0a0-b65f20e83732
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1270 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4c1bcb48-55a8-4a51-a0ba-43b86603df8e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADQAMAAuADUANAAtADUAMQAxADgANQAwADMAOQAyADUANQA0ADQANQBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1269 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4c1bcb48-55a8-4a51-a0ba-43b86603df8e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADQAMAAuADUANAAtADUAMQAxADgANQAwADMAOQAyADUANQA0ADQANQBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1268 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4c1bcb48-55a8-4a51-a0ba-43b86603df8e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADQAMAAuADUANAAtADUAMQAxADgANQAwADMAOQAyADUANQA0ADQANQBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1267 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4c1bcb48-55a8-4a51-a0ba-43b86603df8e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADQAMAAuADUANAAtADUAMQAxADgANQAwADMAOQAyADUANQA0ADQANQBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1266 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4c1bcb48-55a8-4a51-a0ba-43b86603df8e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADQAMAAuADUANAAtADUAMQAxADgANQAwADMAOQAyADUANQA0ADQANQBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1265 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4c1bcb48-55a8-4a51-a0ba-43b86603df8e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADQAMAAuADUANAAtADUAMQAxADgANQAwADMAOQAyADUANQA0ADQANQBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1264 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ebc644b1-e187-4bf1-a15c-b008c16584c2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFEAQQBOAEEAQQB3AEEAQwA0AEEATgBRAEEAMABBAEMAMABBAE4AUQBBAHgAQQBEAEUAQQBPAEEAQQAxAEEARABBAEEATQB3AEEANQBBAEQASQBBAE4AUQBBADEAQQBEAFEAQQBOAEEAQQAxAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=5.1.14393.1944
RunspaceId=6a1d00d4-3045-4e4a-891e-9eefb3a8a234
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1263 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2df1ad36-9d63-4a3f-ac1a-ed767ec1b328
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADQANAAwAC4ANQA0AC0ANQAxADEAOAA1ADAAMwA5ADIANQA1ADQANAA1ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=77361454-fba5-4056-8980-56971e3703c3
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1262 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2df1ad36-9d63-4a3f-ac1a-ed767ec1b328
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADQANAAwAC4ANQA0AC0ANQAxADEAOAA1ADAAMwA5ADIANQA1ADQANAA1ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=77361454-fba5-4056-8980-56971e3703c3
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1261 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2df1ad36-9d63-4a3f-ac1a-ed767ec1b328
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADQANAAwAC4ANQA0AC0ANQAxADEAOAA1ADAAMwA5ADIANQA1ADQANAA1ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1260 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2df1ad36-9d63-4a3f-ac1a-ed767ec1b328
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADQANAAwAC4ANQA0AC0ANQAxADEAOAA1ADAAMwA5ADIANQA1ADQANAA1ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1259 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2df1ad36-9d63-4a3f-ac1a-ed767ec1b328
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADQANAAwAC4ANQA0AC0ANQAxADEAOAA1ADAAMwA5ADIANQA1ADQANAA1ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1258 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2df1ad36-9d63-4a3f-ac1a-ed767ec1b328
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADQANAAwAC4ANQA0AC0ANQAxADEAOAA1ADAAMwA5ADIANQA1ADQANAA1ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1257 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2df1ad36-9d63-4a3f-ac1a-ed767ec1b328
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADQANAAwAC4ANQA0AC0ANQAxADEAOAA1ADAAMwA5ADIANQA1ADQANAA1ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1256 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2df1ad36-9d63-4a3f-ac1a-ed767ec1b328
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADQANAAwAC4ANQA0AC0ANQAxADEAOAA1ADAAMwA5ADIANQA1ADQANAA1ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1255 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ebc644b1-e187-4bf1-a15c-b008c16584c2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFEAQQBOAEEAQQB3AEEAQwA0AEEATgBRAEEAMABBAEMAMABBAE4AUQBBAHgAQQBEAEUAQQBPAEEAQQAxAEEARABBAEEATQB3AEEANQBBAEQASQBBAE4AUQBBADEAQQBEAFEAQQBOAEEAQQAxAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=5.1.14393.1944
RunspaceId=6a1d00d4-3045-4e4a-891e-9eefb3a8a234
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1254 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ebc644b1-e187-4bf1-a15c-b008c16584c2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFEAQQBOAEEAQQB3AEEAQwA0AEEATgBRAEEAMABBAEMAMABBAE4AUQBBAHgAQQBEAEUAQQBPAEEAQQAxAEEARABBAEEATQB3AEEANQBBAEQASQBBAE4AUQBBADEAQQBEAFEAQQBOAEEAQQAxAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1253 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ebc644b1-e187-4bf1-a15c-b008c16584c2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFEAQQBOAEEAQQB3AEEAQwA0AEEATgBRAEEAMABBAEMAMABBAE4AUQBBAHgAQQBEAEUAQQBPAEEAQQAxAEEARABBAEEATQB3AEEANQBBAEQASQBBAE4AUQBBADEAQQBEAFEAQQBOAEEAQQAxAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1252 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ebc644b1-e187-4bf1-a15c-b008c16584c2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFEAQQBOAEEAQQB3AEEAQwA0AEEATgBRAEEAMABBAEMAMABBAE4AUQBBAHgAQQBEAEUAQQBPAEEAQQAxAEEARABBAEEATQB3AEEANQBBAEQASQBBAE4AUQBBADEAQQBEAFEAQQBOAEEAQQAxAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1251 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ebc644b1-e187-4bf1-a15c-b008c16584c2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFEAQQBOAEEAQQB3AEEAQwA0AEEATgBRAEEAMABBAEMAMABBAE4AUQBBAHgAQQBEAEUAQQBPAEEAQQAxAEEARABBAEEATQB3AEEANQBBAEQASQBBAE4AUQBBADEAQQBEAFEAQQBOAEEAQQAxAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1250 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ebc644b1-e187-4bf1-a15c-b008c16584c2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFEAQQBOAEEAQQB3AEEAQwA0AEEATgBRAEEAMABBAEMAMABBAE4AUQBBAHgAQQBEAEUAQQBPAEEAQQAxAEEARABBAEEATQB3AEEANQBBAEQASQBBAE4AUQBBADEAQQBEAFEAQQBOAEEAQQAxAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1249 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ebc644b1-e187-4bf1-a15c-b008c16584c2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFEAQQBOAEEAQQB3AEEAQwA0AEEATgBRAEEAMABBAEMAMABBAE4AUQBBAHgAQQBEAEUAQQBPAEEAQQAxAEEARABBAEEATQB3AEEANQBBAEQASQBBAE4AUQBBADEAQQBEAFEAQQBOAEEAQQAxAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1248 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ab88909-1f77-4853-ad57-b3fa7a17f3d1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=3b5ed4e3-6859-43eb-9eb2-ec335b0536e6
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1247 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=67d0581f-c6e2-4597-844b-b949a6356da5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=2680bd0e-58d9-4b8d-a9ab-2997f6007841
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1246 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=67d0581f-c6e2-4597-844b-b949a6356da5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1245 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=67d0581f-c6e2-4597-844b-b949a6356da5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1244 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=67d0581f-c6e2-4597-844b-b949a6356da5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1243 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=67d0581f-c6e2-4597-844b-b949a6356da5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1242 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=67d0581f-c6e2-4597-844b-b949a6356da5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1241 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=67d0581f-c6e2-4597-844b-b949a6356da5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1240 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=67d0581f-c6e2-4597-844b-b949a6356da5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1239 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=67d0581f-c6e2-4597-844b-b949a6356da5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1238 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ab88909-1f77-4853-ad57-b3fa7a17f3d1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=3b5ed4e3-6859-43eb-9eb2-ec335b0536e6
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1237 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ab88909-1f77-4853-ad57-b3fa7a17f3d1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1236 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ab88909-1f77-4853-ad57-b3fa7a17f3d1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1235 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ab88909-1f77-4853-ad57-b3fa7a17f3d1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1234 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ab88909-1f77-4853-ad57-b3fa7a17f3d1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1233 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ab88909-1f77-4853-ad57-b3fa7a17f3d1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1232 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6ab88909-1f77-4853-ad57-b3fa7a17f3d1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1231 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4ad42f5-9a73-403d-9aea-d4aa1d4e3f90
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=47a35066-03c9-46af-96e9-870fd7e95ffa
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1230 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b17c559e-8972-45f0-a234-ffa05145ddbc
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAHkAdABoAG8AbgAgACIAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXAB0AG0AcABcAFwAZwBlAHQALQBwAGkAcAAuAHAAeQAiACAALQBjACAAIgBjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAXABjAG8AbgBzAHQAcgBhAGkAbgB0AHMALgB0AHgAdAAiACAAcABpAHAAIAAtAC0AbgBvAC0AcwBlAHQAdQBwAHQAbwBvAGwAcwA=
EngineVersion=5.1.14393.1944
RunspaceId=822caac7-2d58-41e6-84c6-f557ac6aeb68
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1229 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b17c559e-8972-45f0-a234-ffa05145ddbc
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAHkAdABoAG8AbgAgACIAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXAB0AG0AcABcAFwAZwBlAHQALQBwAGkAcAAuAHAAeQAiACAALQBjACAAIgBjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAXABjAG8AbgBzAHQAcgBhAGkAbgB0AHMALgB0AHgAdAAiACAAcABpAHAAIAAtAC0AbgBvAC0AcwBlAHQAdQBwAHQAbwBvAGwAcwA=
EngineVersion=5.1.14393.1944
RunspaceId=822caac7-2d58-41e6-84c6-f557ac6aeb68
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1228 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b17c559e-8972-45f0-a234-ffa05145ddbc
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAHkAdABoAG8AbgAgACIAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXAB0AG0AcABcAFwAZwBlAHQALQBwAGkAcAAuAHAAeQAiACAALQBjACAAIgBjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAXABjAG8AbgBzAHQAcgBhAGkAbgB0AHMALgB0AHgAdAAiACAAcABpAHAAIAAtAC0AbgBvAC0AcwBlAHQAdQBwAHQAbwBvAGwAcwA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1227 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b17c559e-8972-45f0-a234-ffa05145ddbc
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAHkAdABoAG8AbgAgACIAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXAB0AG0AcABcAFwAZwBlAHQALQBwAGkAcAAuAHAAeQAiACAALQBjACAAIgBjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAXABjAG8AbgBzAHQAcgBhAGkAbgB0AHMALgB0AHgAdAAiACAAcABpAHAAIAAtAC0AbgBvAC0AcwBlAHQAdQBwAHQAbwBvAGwAcwA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1226 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b17c559e-8972-45f0-a234-ffa05145ddbc
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAHkAdABoAG8AbgAgACIAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXAB0AG0AcABcAFwAZwBlAHQALQBwAGkAcAAuAHAAeQAiACAALQBjACAAIgBjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAXABjAG8AbgBzAHQAcgBhAGkAbgB0AHMALgB0AHgAdAAiACAAcABpAHAAIAAtAC0AbgBvAC0AcwBlAHQAdQBwAHQAbwBvAGwAcwA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1225 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b17c559e-8972-45f0-a234-ffa05145ddbc
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAHkAdABoAG8AbgAgACIAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXAB0AG0AcABcAFwAZwBlAHQALQBwAGkAcAAuAHAAeQAiACAALQBjACAAIgBjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAXABjAG8AbgBzAHQAcgBhAGkAbgB0AHMALgB0AHgAdAAiACAAcABpAHAAIAAtAC0AbgBvAC0AcwBlAHQAdQBwAHQAbwBvAGwAcwA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1224 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b17c559e-8972-45f0-a234-ffa05145ddbc
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAHkAdABoAG8AbgAgACIAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXAB0AG0AcABcAFwAZwBlAHQALQBwAGkAcAAuAHAAeQAiACAALQBjACAAIgBjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAXABjAG8AbgBzAHQAcgBhAGkAbgB0AHMALgB0AHgAdAAiACAAcABpAHAAIAAtAC0AbgBvAC0AcwBlAHQAdQBwAHQAbwBvAGwAcwA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1223 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b17c559e-8972-45f0-a234-ffa05145ddbc
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABwAHkAdABoAG8AbgAgACIAYwA6AFwAbwBwAGUAbgBzAHQAYQBjAGsAXAB0AG0AcABcAFwAZwBlAHQALQBwAGkAcAAuAHAAeQAiACAALQBjACAAIgBjADoAXABvAHAAZQBuAHMAdABhAGMAawBcAHQAbQBwAFwAXABjAG8AbgBzAHQAcgBhAGkAbgB0AHMALgB0AHgAdAAiACAAcABpAHAAIAAtAC0AbgBvAC0AcwBlAHQAdQBwAHQAbwBvAGwAcwA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1222 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9a0a3bc-40c7-4d18-8d4d-925284e0dc87
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=781dc62d-1526-4414-a079-29e9fdcf19b2
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1221 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9a0a3bc-40c7-4d18-8d4d-925284e0dc87
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=781dc62d-1526-4414-a079-29e9fdcf19b2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1220 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9a0a3bc-40c7-4d18-8d4d-925284e0dc87
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1219 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9a0a3bc-40c7-4d18-8d4d-925284e0dc87
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1218 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9a0a3bc-40c7-4d18-8d4d-925284e0dc87
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1217 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9a0a3bc-40c7-4d18-8d4d-925284e0dc87
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1216 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9a0a3bc-40c7-4d18-8d4d-925284e0dc87
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1215 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9a0a3bc-40c7-4d18-8d4d-925284e0dc87
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1214 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9a0a3bc-40c7-4d18-8d4d-925284e0dc87
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1213 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9a0a3bc-40c7-4d18-8d4d-925284e0dc87
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1212 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4ad42f5-9a73-403d-9aea-d4aa1d4e3f90
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=47a35066-03c9-46af-96e9-870fd7e95ffa
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1211 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4ad42f5-9a73-403d-9aea-d4aa1d4e3f90
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1210 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4ad42f5-9a73-403d-9aea-d4aa1d4e3f90
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1209 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4ad42f5-9a73-403d-9aea-d4aa1d4e3f90
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1208 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4ad42f5-9a73-403d-9aea-d4aa1d4e3f90
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1207 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4ad42f5-9a73-403d-9aea-d4aa1d4e3f90
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1206 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c4ad42f5-9a73-403d-9aea-d4aa1d4e3f90
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1205 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c61f4334-5332-4626-ab0f-e5f5cbb0a34a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAwAEEARABFAEEATgB3AEEAdQBBAEQARQBBAE8AUQBBAHQAQQBEAEUAQQBNAGcAQQAzAEEARABNAEEATQBnAEEAMwBBAEQAUQBBAE8AQQBBAHcAQQBEAGcAQQBNAEEAQQA0AEEARABrAEEATgBRAEEAMgBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=0254176e-6a9c-4aac-b74a-5e26a6c50655
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1204 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09bc9c32-5298-4805-8a97-7a4ea631c2db
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADEANwAuADEAOQAtADEAMgA3ADMAMgA3ADQAOAAwADgAMAA4ADkANQA2ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=73fc11b6-8b46-418e-908f-be713df3a56b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1203 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09bc9c32-5298-4805-8a97-7a4ea631c2db
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADEANwAuADEAOQAtADEAMgA3ADMAMgA3ADQAOAAwADgAMAA4ADkANQA2ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=73fc11b6-8b46-418e-908f-be713df3a56b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1202 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09bc9c32-5298-4805-8a97-7a4ea631c2db
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADEANwAuADEAOQAtADEAMgA3ADMAMgA3ADQAOAAwADgAMAA4ADkANQA2ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1201 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09bc9c32-5298-4805-8a97-7a4ea631c2db
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADEANwAuADEAOQAtADEAMgA3ADMAMgA3ADQAOAAwADgAMAA4ADkANQA2ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1200 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09bc9c32-5298-4805-8a97-7a4ea631c2db
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADEANwAuADEAOQAtADEAMgA3ADMAMgA3ADQAOAAwADgAMAA4ADkANQA2ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1199 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09bc9c32-5298-4805-8a97-7a4ea631c2db
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADEANwAuADEAOQAtADEAMgA3ADMAMgA3ADQAOAAwADgAMAA4ADkANQA2ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1198 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09bc9c32-5298-4805-8a97-7a4ea631c2db
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADEANwAuADEAOQAtADEAMgA3ADMAMgA3ADQAOAAwADgAMAA4ADkANQA2ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1197 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09bc9c32-5298-4805-8a97-7a4ea631c2db
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADEANwAuADEAOQAtADEAMgA3ADMAMgA3ADQAOAAwADgAMAA4ADkANQA2ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1196 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c61f4334-5332-4626-ab0f-e5f5cbb0a34a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAwAEEARABFAEEATgB3AEEAdQBBAEQARQBBAE8AUQBBAHQAQQBEAEUAQQBNAGcAQQAzAEEARABNAEEATQBnAEEAMwBBAEQAUQBBAE8AQQBBAHcAQQBEAGcAQQBNAEEAQQA0AEEARABrAEEATgBRAEEAMgBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=0254176e-6a9c-4aac-b74a-5e26a6c50655
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1195 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c61f4334-5332-4626-ab0f-e5f5cbb0a34a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAwAEEARABFAEEATgB3AEEAdQBBAEQARQBBAE8AUQBBAHQAQQBEAEUAQQBNAGcAQQAzAEEARABNAEEATQBnAEEAMwBBAEQAUQBBAE8AQQBBAHcAQQBEAGcAQQBNAEEAQQA0AEEARABrAEEATgBRAEEAMgBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1194 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c61f4334-5332-4626-ab0f-e5f5cbb0a34a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAwAEEARABFAEEATgB3AEEAdQBBAEQARQBBAE8AUQBBAHQAQQBEAEUAQQBNAGcAQQAzAEEARABNAEEATQBnAEEAMwBBAEQAUQBBAE8AQQBBAHcAQQBEAGcAQQBNAEEAQQA0AEEARABrAEEATgBRAEEAMgBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1193 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c61f4334-5332-4626-ab0f-e5f5cbb0a34a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAwAEEARABFAEEATgB3AEEAdQBBAEQARQBBAE8AUQBBAHQAQQBEAEUAQQBNAGcAQQAzAEEARABNAEEATQBnAEEAMwBBAEQAUQBBAE8AQQBBAHcAQQBEAGcAQQBNAEEAQQA0AEEARABrAEEATgBRAEEAMgBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1192 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c61f4334-5332-4626-ab0f-e5f5cbb0a34a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAwAEEARABFAEEATgB3AEEAdQBBAEQARQBBAE8AUQBBAHQAQQBEAEUAQQBNAGcAQQAzAEEARABNAEEATQBnAEEAMwBBAEQAUQBBAE8AQQBBAHcAQQBEAGcAQQBNAEEAQQA0AEEARABrAEEATgBRAEEAMgBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1191 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c61f4334-5332-4626-ab0f-e5f5cbb0a34a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAwAEEARABFAEEATgB3AEEAdQBBAEQARQBBAE8AUQBBAHQAQQBEAEUAQQBNAGcAQQAzAEEARABNAEEATQBnAEEAMwBBAEQAUQBBAE8AQQBBAHcAQQBEAGcAQQBNAEEAQQA0AEEARABrAEEATgBRAEEAMgBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1190 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c61f4334-5332-4626-ab0f-e5f5cbb0a34a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQAwAEEARABFAEEATgB3AEEAdQBBAEQARQBBAE8AUQBBAHQAQQBEAEUAQQBNAGcAQQAzAEEARABNAEEATQBnAEEAMwBBAEQAUQBBAE8AQQBBAHcAQQBEAGcAQQBNAEEAQQA0AEEARABrAEEATgBRAEEAMgBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1189 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3d6e25f-47b9-42eb-a809-bd778c9d9fa0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=eddf6cdc-7d90-489e-a71f-76ab017756b5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1188 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2510bc13-0e3d-40f8-b941-3791fadce2d9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=aab0aa2a-4dbb-4ad8-9d7a-bd9964ef0abd
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1187 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2510bc13-0e3d-40f8-b941-3791fadce2d9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1186 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2510bc13-0e3d-40f8-b941-3791fadce2d9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1185 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2510bc13-0e3d-40f8-b941-3791fadce2d9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1184 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2510bc13-0e3d-40f8-b941-3791fadce2d9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1183 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2510bc13-0e3d-40f8-b941-3791fadce2d9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1182 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2510bc13-0e3d-40f8-b941-3791fadce2d9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1181 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2510bc13-0e3d-40f8-b941-3791fadce2d9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1180 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=2510bc13-0e3d-40f8-b941-3791fadce2d9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1179 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3d6e25f-47b9-42eb-a809-bd778c9d9fa0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=eddf6cdc-7d90-489e-a71f-76ab017756b5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1178 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3d6e25f-47b9-42eb-a809-bd778c9d9fa0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1177 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3d6e25f-47b9-42eb-a809-bd778c9d9fa0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1176 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3d6e25f-47b9-42eb-a809-bd778c9d9fa0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1175 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3d6e25f-47b9-42eb-a809-bd778c9d9fa0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1174 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3d6e25f-47b9-42eb-a809-bd778c9d9fa0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1173 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3d6e25f-47b9-42eb-a809-bd778c9d9fa0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1172 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d951cf1a-12aa-410e-ab5d-6fbe3731de66
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADEANwAuADEAOQAtADEAMgA3ADMAMgA3ADQAOAAwADgAMAA4ADkANQA2AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=a130e859-032e-46a0-bf3f-bf2d3b717d04
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1171 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d951cf1a-12aa-410e-ab5d-6fbe3731de66
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADEANwAuADEAOQAtADEAMgA3ADMAMgA3ADQAOAAwADgAMAA4ADkANQA2AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=a130e859-032e-46a0-bf3f-bf2d3b717d04
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1170 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d951cf1a-12aa-410e-ab5d-6fbe3731de66
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADEANwAuADEAOQAtADEAMgA3ADMAMgA3ADQAOAAwADgAMAA4ADkANQA2AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1169 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d951cf1a-12aa-410e-ab5d-6fbe3731de66
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADEANwAuADEAOQAtADEAMgA3ADMAMgA3ADQAOAAwADgAMAA4ADkANQA2AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1168 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d951cf1a-12aa-410e-ab5d-6fbe3731de66
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADEANwAuADEAOQAtADEAMgA3ADMAMgA3ADQAOAAwADgAMAA4ADkANQA2AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1167 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d951cf1a-12aa-410e-ab5d-6fbe3731de66
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADEANwAuADEAOQAtADEAMgA3ADMAMgA3ADQAOAAwADgAMAA4ADkANQA2AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1166 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d951cf1a-12aa-410e-ab5d-6fbe3731de66
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADEANwAuADEAOQAtADEAMgA3ADMAMgA3ADQAOAAwADgAMAA4ADkANQA2AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1165 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d951cf1a-12aa-410e-ab5d-6fbe3731de66
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgA0ADEANwAuADEAOQAtADEAMgA3ADMAMgA3ADQAOAAwADgAMAA4ADkANQA2AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1164 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:18 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b3f6d51e-8286-4063-ad83-85cfeee79ab3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFEAQQBNAFEAQQAzAEEAQwA0AEEATQBRAEEANQBBAEMAMABBAE0AUQBBAHkAQQBEAGMAQQBNAHcAQQB5AEEARABjAEEATgBBAEEANABBAEQAQQBBAE8AQQBBAHcAQQBEAGcAQQBPAFEAQQAxAEEARABZAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=a56831c2-d98b-4696-92f4-47398b09f875
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1163 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8089babb-92b5-4373-a30c-c12f73e3aacb
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADQAMQA3AC4AMQA5AC0AMQAyADcAMwAyADcANAA4ADAAOAAwADgAOQA1ADYAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=7e96339e-3d77-4e55-b522-b3538038793c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1162 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8089babb-92b5-4373-a30c-c12f73e3aacb
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADQAMQA3AC4AMQA5AC0AMQAyADcAMwAyADcANAA4ADAAOAAwADgAOQA1ADYAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=7e96339e-3d77-4e55-b522-b3538038793c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1161 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8089babb-92b5-4373-a30c-c12f73e3aacb
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADQAMQA3AC4AMQA5AC0AMQAyADcAMwAyADcANAA4ADAAOAAwADgAOQA1ADYAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1160 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8089babb-92b5-4373-a30c-c12f73e3aacb
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADQAMQA3AC4AMQA5AC0AMQAyADcAMwAyADcANAA4ADAAOAAwADgAOQA1ADYAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1159 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8089babb-92b5-4373-a30c-c12f73e3aacb
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADQAMQA3AC4AMQA5AC0AMQAyADcAMwAyADcANAA4ADAAOAAwADgAOQA1ADYAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1158 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8089babb-92b5-4373-a30c-c12f73e3aacb
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADQAMQA3AC4AMQA5AC0AMQAyADcAMwAyADcANAA4ADAAOAAwADgAOQA1ADYAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1157 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8089babb-92b5-4373-a30c-c12f73e3aacb
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADQAMQA3AC4AMQA5AC0AMQAyADcAMwAyADcANAA4ADAAOAAwADgAOQA1ADYAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1156 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8089babb-92b5-4373-a30c-c12f73e3aacb
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADQAMQA3AC4AMQA5AC0AMQAyADcAMwAyADcANAA4ADAAOAAwADgAOQA1ADYAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1155 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b3f6d51e-8286-4063-ad83-85cfeee79ab3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFEAQQBNAFEAQQAzAEEAQwA0AEEATQBRAEEANQBBAEMAMABBAE0AUQBBAHkAQQBEAGMAQQBNAHcAQQB5AEEARABjAEEATgBBAEEANABBAEQAQQBBAE8AQQBBAHcAQQBEAGcAQQBPAFEAQQAxAEEARABZAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=a56831c2-d98b-4696-92f4-47398b09f875
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1154 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b3f6d51e-8286-4063-ad83-85cfeee79ab3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFEAQQBNAFEAQQAzAEEAQwA0AEEATQBRAEEANQBBAEMAMABBAE0AUQBBAHkAQQBEAGMAQQBNAHcAQQB5AEEARABjAEEATgBBAEEANABBAEQAQQBBAE8AQQBBAHcAQQBEAGcAQQBPAFEAQQAxAEEARABZAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1153 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b3f6d51e-8286-4063-ad83-85cfeee79ab3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFEAQQBNAFEAQQAzAEEAQwA0AEEATQBRAEEANQBBAEMAMABBAE0AUQBBAHkAQQBEAGMAQQBNAHcAQQB5AEEARABjAEEATgBBAEEANABBAEQAQQBBAE8AQQBBAHcAQQBEAGcAQQBPAFEAQQAxAEEARABZAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1152 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b3f6d51e-8286-4063-ad83-85cfeee79ab3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFEAQQBNAFEAQQAzAEEAQwA0AEEATQBRAEEANQBBAEMAMABBAE0AUQBBAHkAQQBEAGMAQQBNAHcAQQB5AEEARABjAEEATgBBAEEANABBAEQAQQBBAE8AQQBBAHcAQQBEAGcAQQBPAFEAQQAxAEEARABZAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1151 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b3f6d51e-8286-4063-ad83-85cfeee79ab3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFEAQQBNAFEAQQAzAEEAQwA0AEEATQBRAEEANQBBAEMAMABBAE0AUQBBAHkAQQBEAGMAQQBNAHcAQQB5AEEARABjAEEATgBBAEEANABBAEQAQQBBAE8AQQBBAHcAQQBEAGcAQQBPAFEAQQAxAEEARABZAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1150 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b3f6d51e-8286-4063-ad83-85cfeee79ab3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFEAQQBNAFEAQQAzAEEAQwA0AEEATQBRAEEANQBBAEMAMABBAE0AUQBBAHkAQQBEAGMAQQBNAHcAQQB5AEEARABjAEEATgBBAEEANABBAEQAQQBBAE8AQQBBAHcAQQBEAGcAQQBPAFEAQQAxAEEARABZAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1149 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b3f6d51e-8286-4063-ad83-85cfeee79ab3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAFEAQQBNAFEAQQAzAEEAQwA0AEEATQBRAEEANQBBAEMAMABBAE0AUQBBAHkAQQBEAGMAQQBNAHcAQQB5AEEARABjAEEATgBBAEEANABBAEQAQQBBAE8AQQBBAHcAQQBEAGcAQQBPAFEAQQAxAEEARABZAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1148 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d2b0172a-868c-4f5c-891d-c68550a8cd1f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=32feddf4-467f-48a2-96ff-6f2066da553a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1147 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=9341b9dc-7e0c-4c3a-8a31-09a94087f64e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=a39bfb17-74bf-43a5-87e4-ce07a234887f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1146 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=9341b9dc-7e0c-4c3a-8a31-09a94087f64e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1145 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=9341b9dc-7e0c-4c3a-8a31-09a94087f64e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1144 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=9341b9dc-7e0c-4c3a-8a31-09a94087f64e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1143 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=9341b9dc-7e0c-4c3a-8a31-09a94087f64e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1142 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=9341b9dc-7e0c-4c3a-8a31-09a94087f64e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1141 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=9341b9dc-7e0c-4c3a-8a31-09a94087f64e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1140 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=9341b9dc-7e0c-4c3a-8a31-09a94087f64e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1139 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=9341b9dc-7e0c-4c3a-8a31-09a94087f64e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1138 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d2b0172a-868c-4f5c-891d-c68550a8cd1f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=32feddf4-467f-48a2-96ff-6f2066da553a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1137 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d2b0172a-868c-4f5c-891d-c68550a8cd1f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1136 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d2b0172a-868c-4f5c-891d-c68550a8cd1f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1135 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d2b0172a-868c-4f5c-891d-c68550a8cd1f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1134 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d2b0172a-868c-4f5c-891d-c68550a8cd1f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1133 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d2b0172a-868c-4f5c-891d-c68550a8cd1f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1132 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d2b0172a-868c-4f5c-891d-c68550a8cd1f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1131 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=19797710-c8c6-42ea-af71-839277192b47
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=cf754435-f30b-4841-bf1a-a4c45f50fa0b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1130 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $webclient_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bbee8048-d68d-4041-b656-8c123e2c89d9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=58633845-d35e-401a-934b-cc5a278638e8
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $webclient_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value=" using System.Net;
public class ExtendedWebClient : WebClient {
public int Timeout;
public ExtendedWebClient() {
Timeout = 600000; // Default timeout value
}
protected override WebRequest GetWebRequest(System.Uri address) {
WebRequest request = base.GetWebRequest(address);
request.Timeout = Timeout;
return request;
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1129 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bbee8048-d68d-4041-b656-8c123e2c89d9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=58633845-d35e-401a-934b-cc5a278638e8
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1128 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bbee8048-d68d-4041-b656-8c123e2c89d9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1127 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bbee8048-d68d-4041-b656-8c123e2c89d9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1126 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bbee8048-d68d-4041-b656-8c123e2c89d9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1125 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bbee8048-d68d-4041-b656-8c123e2c89d9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1124 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bbee8048-d68d-4041-b656-8c123e2c89d9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1123 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bbee8048-d68d-4041-b656-8c123e2c89d9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1122 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bbee8048-d68d-4041-b656-8c123e2c89d9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1121 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bbee8048-d68d-4041-b656-8c123e2c89d9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1120 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=19797710-c8c6-42ea-af71-839277192b47
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=cf754435-f30b-4841-bf1a-a4c45f50fa0b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1119 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=19797710-c8c6-42ea-af71-839277192b47
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1118 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=19797710-c8c6-42ea-af71-839277192b47
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1117 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=19797710-c8c6-42ea-af71-839277192b47
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1116 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=19797710-c8c6-42ea-af71-839277192b47
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1115 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=19797710-c8c6-42ea-af71-839277192b47
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1114 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=19797710-c8c6-42ea-af71-839277192b47
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1113 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d305f45-65c4-43a3-8a6c-38dbf248b4c5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=9cea93f4-7e4d-4ee5-adbd-8343ae2214ce
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1112 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bb774fbd-1d8e-4cff-8883-9a9ca4272134
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=75b7673b-a87a-4375-ac79-dabcbf9d7436
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1111 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bb774fbd-1d8e-4cff-8883-9a9ca4272134
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1110 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bb774fbd-1d8e-4cff-8883-9a9ca4272134
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1109 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bb774fbd-1d8e-4cff-8883-9a9ca4272134
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1108 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bb774fbd-1d8e-4cff-8883-9a9ca4272134
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1107 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bb774fbd-1d8e-4cff-8883-9a9ca4272134
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1106 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bb774fbd-1d8e-4cff-8883-9a9ca4272134
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1105 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bb774fbd-1d8e-4cff-8883-9a9ca4272134
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1104 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=bb774fbd-1d8e-4cff-8883-9a9ca4272134
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1103 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d305f45-65c4-43a3-8a6c-38dbf248b4c5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=9cea93f4-7e4d-4ee5-adbd-8343ae2214ce
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1102 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d305f45-65c4-43a3-8a6c-38dbf248b4c5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1101 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d305f45-65c4-43a3-8a6c-38dbf248b4c5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1100 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d305f45-65c4-43a3-8a6c-38dbf248b4c5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1099 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d305f45-65c4-43a3-8a6c-38dbf248b4c5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1098 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d305f45-65c4-43a3-8a6c-38dbf248b4c5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1097 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3d305f45-65c4-43a3-8a6c-38dbf248b4c5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1096 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f92ffb89-9eb3-4f9a-b58c-db61406da4e2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ca19109e-6ff7-4d5f-abcf-c119a7d24251
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1095 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:40:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -AssemblyName System.IO.Compression.FileSystem
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a3fb4a1e-c542-43f6-ab0a-e4d2e025df07
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=dba3dd48-f05b-4d63-b742-1315f1120f6a
PipelineId=5
ScriptName=
CommandLine= Add-Type -AssemblyName System.IO.Compression.FileSystem
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="AssemblyName"; value="System.IO.Compression.FileSystem"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1094 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a3fb4a1e-c542-43f6-ab0a-e4d2e025df07
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=dba3dd48-f05b-4d63-b742-1315f1120f6a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1093 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a3fb4a1e-c542-43f6-ab0a-e4d2e025df07
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1092 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a3fb4a1e-c542-43f6-ab0a-e4d2e025df07
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1091 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a3fb4a1e-c542-43f6-ab0a-e4d2e025df07
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1090 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a3fb4a1e-c542-43f6-ab0a-e4d2e025df07
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1089 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a3fb4a1e-c542-43f6-ab0a-e4d2e025df07
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1088 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a3fb4a1e-c542-43f6-ab0a-e4d2e025df07
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1087 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a3fb4a1e-c542-43f6-ab0a-e4d2e025df07
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1086 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a3fb4a1e-c542-43f6-ab0a-e4d2e025df07
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1085 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f92ffb89-9eb3-4f9a-b58c-db61406da4e2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ca19109e-6ff7-4d5f-abcf-c119a7d24251
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1084 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f92ffb89-9eb3-4f9a-b58c-db61406da4e2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1083 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f92ffb89-9eb3-4f9a-b58c-db61406da4e2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1082 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f92ffb89-9eb3-4f9a-b58c-db61406da4e2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1081 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f92ffb89-9eb3-4f9a-b58c-db61406da4e2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1080 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f92ffb89-9eb3-4f9a-b58c-db61406da4e2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1079 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f92ffb89-9eb3-4f9a-b58c-db61406da4e2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1078 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bfb3724a-0efd-4116-b665-31664908015e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=62e7ff44-e83f-4f77-b94e-67ad82957495
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1077 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $webclient_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=181dc26b-8de9-4979-b684-c0a27cd5f24d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=8dd0a577-00b7-49fd-a898-6c47a2ffe14f
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $webclient_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value=" using System.Net;
public class ExtendedWebClient : WebClient {
public int Timeout;
public ExtendedWebClient() {
Timeout = 600000; // Default timeout value
}
protected override WebRequest GetWebRequest(System.Uri address) {
WebRequest request = base.GetWebRequest(address);
request.Timeout = Timeout;
return request;
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1076 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=181dc26b-8de9-4979-b684-c0a27cd5f24d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=8dd0a577-00b7-49fd-a898-6c47a2ffe14f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1075 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=181dc26b-8de9-4979-b684-c0a27cd5f24d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1074 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=181dc26b-8de9-4979-b684-c0a27cd5f24d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1073 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=181dc26b-8de9-4979-b684-c0a27cd5f24d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1072 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=181dc26b-8de9-4979-b684-c0a27cd5f24d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1071 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=181dc26b-8de9-4979-b684-c0a27cd5f24d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1070 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=181dc26b-8de9-4979-b684-c0a27cd5f24d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1069 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=181dc26b-8de9-4979-b684-c0a27cd5f24d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1068 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=181dc26b-8de9-4979-b684-c0a27cd5f24d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1067 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bfb3724a-0efd-4116-b665-31664908015e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=62e7ff44-e83f-4f77-b94e-67ad82957495
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1066 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bfb3724a-0efd-4116-b665-31664908015e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1065 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bfb3724a-0efd-4116-b665-31664908015e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1064 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bfb3724a-0efd-4116-b665-31664908015e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1063 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bfb3724a-0efd-4116-b665-31664908015e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1062 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bfb3724a-0efd-4116-b665-31664908015e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1061 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bfb3724a-0efd-4116-b665-31664908015e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1060 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09b3d3eb-c47e-443c-a210-9bf81fef8831
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=315e1d67-c4fe-40f4-b87a-34c9ed78c78a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1059 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=874842f6-87f1-4aab-97dc-a776aa8ef444
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=31651f9b-954d-4979-937e-738b6861cf4c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1058 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=874842f6-87f1-4aab-97dc-a776aa8ef444
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1057 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=874842f6-87f1-4aab-97dc-a776aa8ef444
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1056 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=874842f6-87f1-4aab-97dc-a776aa8ef444
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1055 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=874842f6-87f1-4aab-97dc-a776aa8ef444
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1054 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=874842f6-87f1-4aab-97dc-a776aa8ef444
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1053 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=874842f6-87f1-4aab-97dc-a776aa8ef444
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1052 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=874842f6-87f1-4aab-97dc-a776aa8ef444
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1051 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=874842f6-87f1-4aab-97dc-a776aa8ef444
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1050 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09b3d3eb-c47e-443c-a210-9bf81fef8831
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=315e1d67-c4fe-40f4-b87a-34c9ed78c78a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1049 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09b3d3eb-c47e-443c-a210-9bf81fef8831
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1048 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09b3d3eb-c47e-443c-a210-9bf81fef8831
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1047 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09b3d3eb-c47e-443c-a210-9bf81fef8831
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1046 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09b3d3eb-c47e-443c-a210-9bf81fef8831
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1045 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09b3d3eb-c47e-443c-a210-9bf81fef8831
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1044 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=09b3d3eb-c47e-443c-a210-9bf81fef8831
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1043 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:13 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f421a448-d7a4-41d4-b439-78f36cdaf8b7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d7e7a726-ec7e-4555-bbe1-22c6d20a58e9
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1042 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1c81ffc7-3108-464a-8d35-860e145a5d3d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b1e7f482-dd36-41c4-b908-0a3c551c8966
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1041 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1c81ffc7-3108-464a-8d35-860e145a5d3d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1040 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1c81ffc7-3108-464a-8d35-860e145a5d3d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1039 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1c81ffc7-3108-464a-8d35-860e145a5d3d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1038 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1c81ffc7-3108-464a-8d35-860e145a5d3d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1037 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1c81ffc7-3108-464a-8d35-860e145a5d3d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1036 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1c81ffc7-3108-464a-8d35-860e145a5d3d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1035 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1c81ffc7-3108-464a-8d35-860e145a5d3d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1034 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1c81ffc7-3108-464a-8d35-860e145a5d3d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1033 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:12 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f421a448-d7a4-41d4-b439-78f36cdaf8b7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d7e7a726-ec7e-4555-bbe1-22c6d20a58e9
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1032 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f421a448-d7a4-41d4-b439-78f36cdaf8b7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1031 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f421a448-d7a4-41d4-b439-78f36cdaf8b7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1030 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f421a448-d7a4-41d4-b439-78f36cdaf8b7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1029 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f421a448-d7a4-41d4-b439-78f36cdaf8b7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1028 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f421a448-d7a4-41d4-b439-78f36cdaf8b7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1027 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f421a448-d7a4-41d4-b439-78f36cdaf8b7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1026 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:11 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d4760332-ab31-4d59-aa4e-343c140b57b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b609a198-230d-47ae-8000-c2d6a5b262d1
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1025 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:10 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -AssemblyName System.IO.Compression.FileSystem
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f1c421fc-8239-4ab0-b3bd-dc21ffd2efaf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ddb10995-a8d3-4bcf-8151-5bb00d924a87
PipelineId=5
ScriptName=
CommandLine= Add-Type -AssemblyName System.IO.Compression.FileSystem
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="AssemblyName"; value="System.IO.Compression.FileSystem"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1024 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f1c421fc-8239-4ab0-b3bd-dc21ffd2efaf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ddb10995-a8d3-4bcf-8151-5bb00d924a87
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1023 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f1c421fc-8239-4ab0-b3bd-dc21ffd2efaf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1022 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f1c421fc-8239-4ab0-b3bd-dc21ffd2efaf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1021 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f1c421fc-8239-4ab0-b3bd-dc21ffd2efaf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1020 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f1c421fc-8239-4ab0-b3bd-dc21ffd2efaf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1019 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f1c421fc-8239-4ab0-b3bd-dc21ffd2efaf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1018 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f1c421fc-8239-4ab0-b3bd-dc21ffd2efaf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1017 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f1c421fc-8239-4ab0-b3bd-dc21ffd2efaf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1016 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f1c421fc-8239-4ab0-b3bd-dc21ffd2efaf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1015 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d4760332-ab31-4d59-aa4e-343c140b57b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b609a198-230d-47ae-8000-c2d6a5b262d1
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1014 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d4760332-ab31-4d59-aa4e-343c140b57b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1013 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d4760332-ab31-4d59-aa4e-343c140b57b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1012 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d4760332-ab31-4d59-aa4e-343c140b57b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1011 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d4760332-ab31-4d59-aa4e-343c140b57b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1010 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d4760332-ab31-4d59-aa4e-343c140b57b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1009 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d4760332-ab31-4d59-aa4e-343c140b57b8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1008 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e01aac52-4594-44be-a3f0-910b511bf0ce
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=60a2f1a9-a4cf-4b38-b202-d26547a40937
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 1007 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $webclient_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=01b2e675-304e-4702-9f81-9fa76085523d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=8293d4c6-6eed-437b-9644-24837a685f0c
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $webclient_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value=" using System.Net;
public class ExtendedWebClient : WebClient {
public int Timeout;
public ExtendedWebClient() {
Timeout = 600000; // Default timeout value
}
protected override WebRequest GetWebRequest(System.Uri address) {
WebRequest request = base.GetWebRequest(address);
request.Timeout = Timeout;
return request;
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 1006 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=01b2e675-304e-4702-9f81-9fa76085523d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=8293d4c6-6eed-437b-9644-24837a685f0c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 1005 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=01b2e675-304e-4702-9f81-9fa76085523d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1004 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=01b2e675-304e-4702-9f81-9fa76085523d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1003 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=01b2e675-304e-4702-9f81-9fa76085523d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1002 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=01b2e675-304e-4702-9f81-9fa76085523d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1001 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=01b2e675-304e-4702-9f81-9fa76085523d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1000 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=01b2e675-304e-4702-9f81-9fa76085523d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 999 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=01b2e675-304e-4702-9f81-9fa76085523d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 998 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=01b2e675-304e-4702-9f81-9fa76085523d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 997 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e01aac52-4594-44be-a3f0-910b511bf0ce
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=60a2f1a9-a4cf-4b38-b202-d26547a40937
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 996 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e01aac52-4594-44be-a3f0-910b511bf0ce
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 995 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e01aac52-4594-44be-a3f0-910b511bf0ce
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 994 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e01aac52-4594-44be-a3f0-910b511bf0ce
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 993 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e01aac52-4594-44be-a3f0-910b511bf0ce
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 992 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e01aac52-4594-44be-a3f0-910b511bf0ce
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 991 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=e01aac52-4594-44be-a3f0-910b511bf0ce
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 990 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7caf7b04-a90e-437c-a54d-e35e46a1bd80
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=06ef29cf-1cfd-46ba-bec1-ad0fdefb61a5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 989 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d584dfd8-331f-4032-88e9-e5a6f88679a2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f7b302d2-8949-4584-96f1-c4c6433e29f3
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 988 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d584dfd8-331f-4032-88e9-e5a6f88679a2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 987 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d584dfd8-331f-4032-88e9-e5a6f88679a2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 986 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d584dfd8-331f-4032-88e9-e5a6f88679a2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 985 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d584dfd8-331f-4032-88e9-e5a6f88679a2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 984 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d584dfd8-331f-4032-88e9-e5a6f88679a2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 983 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d584dfd8-331f-4032-88e9-e5a6f88679a2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 982 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d584dfd8-331f-4032-88e9-e5a6f88679a2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 981 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d584dfd8-331f-4032-88e9-e5a6f88679a2
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 980 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7caf7b04-a90e-437c-a54d-e35e46a1bd80
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=06ef29cf-1cfd-46ba-bec1-ad0fdefb61a5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 979 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7caf7b04-a90e-437c-a54d-e35e46a1bd80
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 978 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7caf7b04-a90e-437c-a54d-e35e46a1bd80
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 977 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7caf7b04-a90e-437c-a54d-e35e46a1bd80
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 976 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7caf7b04-a90e-437c-a54d-e35e46a1bd80
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 975 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7caf7b04-a90e-437c-a54d-e35e46a1bd80
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 974 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7caf7b04-a90e-437c-a54d-e35e46a1bd80
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 973 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3b26867f-1549-4a7d-89cd-5dc4abe7df94
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABRAEEATQBBAEEAdQBBAEQARQBBAE0AdwBBAHQAQQBEAEUAQQBNAEEAQQAzAEEARABNAEEATwBRAEEAMQBBAEQAawBBAE4AZwBBADMAQQBEAFEAQQBNAFEAQQAzAEEARABBAEEATQBnAEEANQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=bdb48835-d08b-41ed-8b74-37b5e3c781de
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 972 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7fd1ebd-8574-4cad-bc4c-24dffdee2304
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADQAMAAuADEAMwAtADEAMAA3ADMAOQA1ADkANgA3ADQAMQA3ADAAMgA5ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=beac37ff-6154-40da-a129-cfc4576ec9a2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 971 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7fd1ebd-8574-4cad-bc4c-24dffdee2304
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADQAMAAuADEAMwAtADEAMAA3ADMAOQA1ADkANgA3ADQAMQA3ADAAMgA5ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=beac37ff-6154-40da-a129-cfc4576ec9a2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 970 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7fd1ebd-8574-4cad-bc4c-24dffdee2304
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADQAMAAuADEAMwAtADEAMAA3ADMAOQA1ADkANgA3ADQAMQA3ADAAMgA5ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 969 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7fd1ebd-8574-4cad-bc4c-24dffdee2304
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADQAMAAuADEAMwAtADEAMAA3ADMAOQA1ADkANgA3ADQAMQA3ADAAMgA5ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 968 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7fd1ebd-8574-4cad-bc4c-24dffdee2304
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADQAMAAuADEAMwAtADEAMAA3ADMAOQA1ADkANgA3ADQAMQA3ADAAMgA5ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 967 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7fd1ebd-8574-4cad-bc4c-24dffdee2304
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADQAMAAuADEAMwAtADEAMAA3ADMAOQA1ADkANgA3ADQAMQA3ADAAMgA5ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 966 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7fd1ebd-8574-4cad-bc4c-24dffdee2304
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADQAMAAuADEAMwAtADEAMAA3ADMAOQA1ADkANgA3ADQAMQA3ADAAMgA5ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 965 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7fd1ebd-8574-4cad-bc4c-24dffdee2304
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADQAMAAuADEAMwAtADEAMAA3ADMAOQA1ADkANgA3ADQAMQA3ADAAMgA5ACIAIAAtAEYAbwByAGMAZQAgAC0AUgBlAGMAdQByAHMAZQA7AAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 964 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3b26867f-1549-4a7d-89cd-5dc4abe7df94
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABRAEEATQBBAEEAdQBBAEQARQBBAE0AdwBBAHQAQQBEAEUAQQBNAEEAQQAzAEEARABNAEEATwBRAEEAMQBBAEQAawBBAE4AZwBBADMAQQBEAFEAQQBNAFEAQQAzAEEARABBAEEATQBnAEEANQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=5.1.14393.1944
RunspaceId=bdb48835-d08b-41ed-8b74-37b5e3c781de
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 963 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3b26867f-1549-4a7d-89cd-5dc4abe7df94
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABRAEEATQBBAEEAdQBBAEQARQBBAE0AdwBBAHQAQQBEAEUAQQBNAEEAQQAzAEEARABNAEEATwBRAEEAMQBBAEQAawBBAE4AZwBBADMAQQBEAFEAQQBNAFEAQQAzAEEARABBAEEATQBnAEEANQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 962 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3b26867f-1549-4a7d-89cd-5dc4abe7df94
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABRAEEATQBBAEEAdQBBAEQARQBBAE0AdwBBAHQAQQBEAEUAQQBNAEEAQQAzAEEARABNAEEATwBRAEEAMQBBAEQAawBBAE4AZwBBADMAQQBEAFEAQQBNAFEAQQAzAEEARABBAEEATQBnAEEANQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 961 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3b26867f-1549-4a7d-89cd-5dc4abe7df94
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABRAEEATQBBAEEAdQBBAEQARQBBAE0AdwBBAHQAQQBEAEUAQQBNAEEAQQAzAEEARABNAEEATwBRAEEAMQBBAEQAawBBAE4AZwBBADMAQQBEAFEAQQBNAFEAQQAzAEEARABBAEEATQBnAEEANQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 960 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3b26867f-1549-4a7d-89cd-5dc4abe7df94
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABRAEEATQBBAEEAdQBBAEQARQBBAE0AdwBBAHQAQQBEAEUAQQBNAEEAQQAzAEEARABNAEEATwBRAEEAMQBBAEQAawBBAE4AZwBBADMAQQBEAFEAQQBNAFEAQQAzAEEARABBAEEATQBnAEEANQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 959 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3b26867f-1549-4a7d-89cd-5dc4abe7df94
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABRAEEATQBBAEEAdQBBAEQARQBBAE0AdwBBAHQAQQBEAEUAQQBNAEEAQQAzAEEARABNAEEATwBRAEEAMQBBAEQAawBBAE4AZwBBADMAQQBEAFEAQQBNAFEAQQAzAEEARABBAEEATQBnAEEANQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 958 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3b26867f-1549-4a7d-89cd-5dc4abe7df94
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABRAEEATQBBAEEAdQBBAEQARQBBAE0AdwBBAHQAQQBEAEUAQQBNAEEAQQAzAEEARABNAEEATwBRAEEAMQBBAEQAawBBAE4AZwBBADMAQQBEAFEAQQBNAFEAQQAzAEEARABBAEEATQBnAEEANQBBAEMASQBBAEkAQQBBAHQAQQBFAFkAQQBiAHcAQgB5AEEARwBNAEEAWgBRAEEAZwBBAEMAMABBAFUAZwBCAGwAQQBHAE0AQQBkAFEAQgB5AEEASABNAEEAWgBRAEEANwBBAEEAbwBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQQB0AEEARwA0AEEAYgB3AEIAMABBAEMAQQBBAEoAQQBBAC8AQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAUwBRAEIAbQBBAEMAQQBBAEsAQQBCAEgAQQBHAFUAQQBkAEEAQQB0AEEARgBZAEEAWQBRAEIAeQBBAEcAawBBAFkAUQBCAGkAQQBHAHcAQQBaAFEAQQBnAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAEwAUQBCAEYAQQBIAEkAQQBjAGcAQgB2AEEASABJAEEAUQBRAEIAagBBAEgAUQBBAGEAUQBCAHYAQQBHADQAQQBJAEEAQgBUAEEARwBrAEEAYgBBAEIAbABBAEcANABBAGQAQQBCAHMAQQBIAGsAQQBRAHcAQgB2AEEARwA0AEEAZABBAEIAcABBAEcANABBAGQAUQBCAGwAQQBDAGsAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBDAFEAQQBUAEEAQgBCAEEARgBNAEEAVgBBAEIARgBBAEYAZwBBAFMAUQBCAFUAQQBFAE0AQQBUAHcAQgBFAEEARQBVAEEASQBBAEIAOQBBAEMAQQBBAFIAUQBCAHMAQQBIAE0AQQBaAFEAQQBnAEEASABzAEEASQBBAEIAbABBAEgAZwBBAGEAUQBCADAAQQBDAEEAQQBNAFEAQQBnAEEASAAwAEEASQBBAEIAOQBBAEEAPQA9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 957 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a98e0ad5-09b9-4a8f-9d07-94c96073d43f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=a1c73131-d35b-40e4-9133-dc5b62125968
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 956 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f44f7497-ecb9-48cc-b1aa-2b807dabc100
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f1df75b1-7470-4a03-95ae-1a2aab5e63c5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 955 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f44f7497-ecb9-48cc-b1aa-2b807dabc100
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 954 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f44f7497-ecb9-48cc-b1aa-2b807dabc100
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 953 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f44f7497-ecb9-48cc-b1aa-2b807dabc100
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 952 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f44f7497-ecb9-48cc-b1aa-2b807dabc100
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 951 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f44f7497-ecb9-48cc-b1aa-2b807dabc100
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 950 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f44f7497-ecb9-48cc-b1aa-2b807dabc100
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 949 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f44f7497-ecb9-48cc-b1aa-2b807dabc100
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 948 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f44f7497-ecb9-48cc-b1aa-2b807dabc100
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 947 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a98e0ad5-09b9-4a8f-9d07-94c96073d43f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=a1c73131-d35b-40e4-9133-dc5b62125968
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 946 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a98e0ad5-09b9-4a8f-9d07-94c96073d43f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 945 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a98e0ad5-09b9-4a8f-9d07-94c96073d43f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 944 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a98e0ad5-09b9-4a8f-9d07-94c96073d43f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 943 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a98e0ad5-09b9-4a8f-9d07-94c96073d43f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 942 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a98e0ad5-09b9-4a8f-9d07-94c96073d43f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 941 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a98e0ad5-09b9-4a8f-9d07-94c96073d43f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 940 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=52014368-eb24-4d8a-b6f1-b857aaab4c2a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADQAMAAuADEAMwAtADEAMAA3ADMAOQA1ADkANgA3ADQAMQA3ADAAMgA5AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=acb13f91-12fd-4e47-ab3b-a755b65a9a96
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 939 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=52014368-eb24-4d8a-b6f1-b857aaab4c2a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADQAMAAuADEAMwAtADEAMAA3ADMAOQA1ADkANgA3ADQAMQA3ADAAMgA5AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=acb13f91-12fd-4e47-ab3b-a755b65a9a96
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 938 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=52014368-eb24-4d8a-b6f1-b857aaab4c2a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADQAMAAuADEAMwAtADEAMAA3ADMAOQA1ADkANgA3ADQAMQA3ADAAMgA5AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 937 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=52014368-eb24-4d8a-b6f1-b857aaab4c2a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADQAMAAuADEAMwAtADEAMAA3ADMAOQA1ADkANgA3ADQAMQA3ADAAMgA5AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 936 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=52014368-eb24-4d8a-b6f1-b857aaab4c2a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADQAMAAuADEAMwAtADEAMAA3ADMAOQA1ADkANgA3ADQAMQA3ADAAMgA5AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 935 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=52014368-eb24-4d8a-b6f1-b857aaab4c2a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADQAMAAuADEAMwAtADEAMAA3ADMAOQA1ADkANgA3ADQAMQA3ADAAMgA5AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 934 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=52014368-eb24-4d8a-b6f1-b857aaab4c2a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADQAMAAuADEAMwAtADEAMAA3ADMAOQA1ADkANgA3ADQAMQA3ADAAMgA5AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 933 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=52014368-eb24-4d8a-b6f1-b857aaab4c2a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADQAMAAuADEAMwAtADEAMAA3ADMAOQA1ADkANgA3ADQAMQA3ADAAMgA5AFwAcwBvAHUAcgBjAGUAJwAKACQARABlAGIAdQBnAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBDAG8AbgB0AGkAbgB1AGUAIgAKACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA9ACAAIgBTAHQAbwBwACIACgBTAGUAdAAtAFMAdAByAGkAYwB0AE0AbwBkAGUAIAAtAFYAZQByAHMAaQBvAG4AIAAyAAoAJABmAGQAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEkATwAuAEYAaQBsAGUAXQA6ADoAQwByAGUAYQB0AGUAKAAkAHAAYQB0AGgAKQAKACQAcwBoAGEAMQAgAD0AIABbAFMAeQBzAHQAZQBtAC4AUwBlAGMAdQByAGkAdAB5AC4AQwByAHkAcAB0AG8AZwByAGEAcABoAHkALgBTAEgAQQAxAEMAcgB5AHAAdABvAFMAZQByAHYAaQBjAGUAUAByAG8AdgBpAGQAZQByAF0AOgA6AEMAcgBlAGEAdABlACgAKQAKACQAYgB5AHQAZQBzACAAPQAgAEAAKAApACAAIwBpAG4AaQB0AGkAYQBsAGkAegBlACAAZgBvAHIAIABlAG0AcAB0AHkAIABmAGkAbABlACAAYwBhAHMAZQAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACQAYgB5AHQAZQBzACAAPQAgAFsAUwB5AHMAdABlAG0ALgBDAG8AbgB2AGUAcgB0AF0AOgA6AEYAcgBvAG0AQgBhAHMAZQA2ADQAUwB0AHIAaQBuAGcAKAAkAGkAbgBwAHUAdAApAAoAJABzAGgAYQAxAC4AVAByAGEAbgBzAGYAbwByAG0AQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgALAAgACQAYgB5AHQAZQBzACwAIAAwACkAIAB8ACAATwB1AHQALQBOAHUAbABsAAoAJABmAGQALgBXAHIAaQB0AGUAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApAAoAfQAKAGUAbgBkACAAewAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEYAaQBuAGEAbABCAGwAbwBjAGsAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAaABhAHMAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQgBpAHQAQwBvAG4AdgBlAHIAdABlAHIAXQA6ADoAVABvAFMAdAByAGkAbgBnACgAJABzAGgAYQAxAC4ASABhAHMAaAApAC4AUgBlAHAAbABhAGMAZQAoACIALQAiACwAIAAiACIAKQAuAFQAbwBMAG8AdwBlAHIASQBuAHYAYQByAGkAYQBuAHQAKAApAAoAJABmAGQALgBDAGwAbwBzAGUAKAApAAoAVwByAGkAdABlAC0ATwB1AHQAcAB1AHQAIAAiAHsAIgAiAHMAaABhADEAIgAiADoAIgAiACQAaABhAHMAaAAiACIAfQAiAAoAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 932 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=75e87b04-684c-47aa-98f2-6f5576ce4bd6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=53904c73-befc-4a37-8a93-0b01b1385f83
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 931 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=12529825-a601-481b-a086-b421d773db13
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ea5ca70c-5684-4d98-8ba2-91d0b3aa9707
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 930 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=12529825-a601-481b-a086-b421d773db13
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 929 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=12529825-a601-481b-a086-b421d773db13
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 928 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=12529825-a601-481b-a086-b421d773db13
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 927 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=12529825-a601-481b-a086-b421d773db13
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 926 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=12529825-a601-481b-a086-b421d773db13
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 925 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=12529825-a601-481b-a086-b421d773db13
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 924 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=12529825-a601-481b-a086-b421d773db13
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 923 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=12529825-a601-481b-a086-b421d773db13
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 922 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=75e87b04-684c-47aa-98f2-6f5576ce4bd6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=53904c73-befc-4a37-8a93-0b01b1385f83
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 921 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=75e87b04-684c-47aa-98f2-6f5576ce4bd6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 920 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=75e87b04-684c-47aa-98f2-6f5576ce4bd6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 919 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=75e87b04-684c-47aa-98f2-6f5576ce4bd6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 918 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=75e87b04-684c-47aa-98f2-6f5576ce4bd6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 917 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=75e87b04-684c-47aa-98f2-6f5576ce4bd6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 916 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=75e87b04-684c-47aa-98f2-6f5576ce4bd6
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 915 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=aeb92dd0-dc13-4447-b894-9c18a945c986
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBOAEEAQQB3AEEAQwA0AEEATQBRAEEAegBBAEMAMABBAE0AUQBBAHcAQQBEAGMAQQBNAHcAQQA1AEEARABVAEEATwBRAEEAMgBBAEQAYwBBAE4AQQBBAHgAQQBEAGMAQQBNAEEAQQB5AEEARABrAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=c6f34789-1418-4dd6-830e-09a5dfd72494
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 914 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a38650e6-a924-4c66-88e5-4b03bcf9893f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMANAAwAC4AMQAzAC0AMQAwADcAMwA5ADUAOQA2ADcANAAxADcAMAAyADkAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=d02e3344-6bfc-459b-ab71-d5b4ebc8677b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 913 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a38650e6-a924-4c66-88e5-4b03bcf9893f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMANAAwAC4AMQAzAC0AMQAwADcAMwA5ADUAOQA2ADcANAAxADcAMAAyADkAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=5.1.14393.1944
RunspaceId=d02e3344-6bfc-459b-ab71-d5b4ebc8677b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 912 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a38650e6-a924-4c66-88e5-4b03bcf9893f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMANAAwAC4AMQAzAC0AMQAwADcAMwA5ADUAOQA2ADcANAAxADcAMAAyADkAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 911 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a38650e6-a924-4c66-88e5-4b03bcf9893f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMANAAwAC4AMQAzAC0AMQAwADcAMwA5ADUAOQA2ADcANAAxADcAMAAyADkAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 910 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a38650e6-a924-4c66-88e5-4b03bcf9893f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMANAAwAC4AMQAzAC0AMQAwADcAMwA5ADUAOQA2ADcANAAxADcAMAAyADkAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 909 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a38650e6-a924-4c66-88e5-4b03bcf9893f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMANAAwAC4AMQAzAC0AMQAwADcAMwA5ADUAOQA2ADcANAAxADcAMAAyADkAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 908 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a38650e6-a924-4c66-88e5-4b03bcf9893f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMANAAwAC4AMQAzAC0AMQAwADcAMwA5ADUAOQA2ADcANAAxADcAMAAyADkAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 907 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a38650e6-a924-4c66-88e5-4b03bcf9893f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMANAAwAC4AMQAzAC0AMQAwADcAMwA5ADUAOQA2ADcANAAxADcAMAAyADkAJwAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAALQBJAG4AcAB1AHQATwBiAGoAZQBjAHQAIAAkAHQAbQBwAC4ARgB1AGwAbABOAGEAbQBlAAoASQBmACAAKAAtAG4AbwB0ACAAJAA/ACkAIAB7ACAASQBmACAAKABHAGUAdAAtAFYAYQByAGkAYQBiAGwAZQAgAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAALQBFAHIAcgBvAHIAQQBjAHQAaQBvAG4AIABTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACkAIAB7ACAAZQB4AGkAdAAgACQATABBAFMAVABFAFgASQBUAEMATwBEAEUAIAB9ACAARQBsAHMAZQAgAHsAIABlAHgAaQB0ACAAMQAgAH0AIAB9AA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 906 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=aeb92dd0-dc13-4447-b894-9c18a945c986
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBOAEEAQQB3AEEAQwA0AEEATQBRAEEAegBBAEMAMABBAE0AUQBBAHcAQQBEAGMAQQBNAHcAQQA1AEEARABVAEEATwBRAEEAMgBBAEQAYwBBAE4AQQBBAHgAQQBEAGMAQQBNAEEAQQB5AEEARABrAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=5.1.14393.1944
RunspaceId=c6f34789-1418-4dd6-830e-09a5dfd72494
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 905 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=aeb92dd0-dc13-4447-b894-9c18a945c986
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBOAEEAQQB3AEEAQwA0AEEATQBRAEEAegBBAEMAMABBAE0AUQBBAHcAQQBEAGMAQQBNAHcAQQA1AEEARABVAEEATwBRAEEAMgBBAEQAYwBBAE4AQQBBAHgAQQBEAGMAQQBNAEEAQQB5AEEARABrAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 904 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=aeb92dd0-dc13-4447-b894-9c18a945c986
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBOAEEAQQB3AEEAQwA0AEEATQBRAEEAegBBAEMAMABBAE0AUQBBAHcAQQBEAGMAQQBNAHcAQQA1AEEARABVAEEATwBRAEEAMgBBAEQAYwBBAE4AQQBBAHgAQQBEAGMAQQBNAEEAQQB5AEEARABrAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 903 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=aeb92dd0-dc13-4447-b894-9c18a945c986
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBOAEEAQQB3AEEAQwA0AEEATQBRAEEAegBBAEMAMABBAE0AUQBBAHcAQQBEAGMAQQBNAHcAQQA1AEEARABVAEEATwBRAEEAMgBBAEQAYwBBAE4AQQBBAHgAQQBEAGMAQQBNAEEAQQB5AEEARABrAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 902 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=aeb92dd0-dc13-4447-b894-9c18a945c986
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBOAEEAQQB3AEEAQwA0AEEATQBRAEEAegBBAEMAMABBAE0AUQBBAHcAQQBEAGMAQQBNAHcAQQA1AEEARABVAEEATwBRAEEAMgBBAEQAYwBBAE4AQQBBAHgAQQBEAGMAQQBNAEEAQQB5AEEARABrAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 901 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=aeb92dd0-dc13-4447-b894-9c18a945c986
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBOAEEAQQB3AEEAQwA0AEEATQBRAEEAegBBAEMAMABBAE0AUQBBAHcAQQBEAGMAQQBNAHcAQQA1AEEARABVAEEATwBRAEEAMgBBAEQAYwBBAE4AQQBBAHgAQQBEAGMAQQBNAEEAQQB5AEEARABrAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 900 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=aeb92dd0-dc13-4447-b894-9c18a945c986
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBOAEEAQQB3AEEAQwA0AEEATQBRAEEAegBBAEMAMABBAE0AUQBBAHcAQQBEAGMAQQBNAHcAQQA1AEEARABVAEEATwBRAEEAMgBBAEQAYwBBAE4AQQBBAHgAQQBEAGMAQQBNAEEAQQB5AEEARABrAEEASgB3AEEASwBBAEYAYwBBAGMAZwBCAHAAQQBIAFEAQQBaAFEAQQB0AEEARQA4AEEAZABRAEIAMABBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBMAFEAQgBKAEEARwA0AEEAYwBBAEIAMQBBAEgAUQBBAFQAdwBCAGkAQQBHAG8AQQBaAFEAQgBqAEEASABRAEEASQBBAEEAawBBAEgAUQBBAGIAUQBCAHcAQQBDADQAQQBSAGcAQgAxAEEARwB3AEEAYgBBAEIATwBBAEcARQBBAGIAUQBCAGwAQQBBAG8AQQBTAFEAQgBtAEEAQwBBAEEASwBBAEEAdABBAEcANABBAGIAdwBCADAAQQBDAEEAQQBKAEEAQQAvAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFMAUQBCAG0AQQBDAEEAQQBLAEEAQgBIAEEARwBVAEEAZABBAEEAdABBAEYAWQBBAFkAUQBCAHkAQQBHAGsAQQBZAFEAQgBpAEEARwB3AEEAWgBRAEEAZwBBAEUAdwBBAFEAUQBCAFQAQQBGAFEAQQBSAFEAQgBZAEEARQBrAEEAVgBBAEIARABBAEUAOABBAFIAQQBCAEYAQQBDAEEAQQBMAFEAQgBGAEEASABJAEEAYwBnAEIAdgBBAEgASQBBAFEAUQBCAGoAQQBIAFEAQQBhAFEAQgB2AEEARwA0AEEASQBBAEIAVABBAEcAawBBAGIAQQBCAGwAQQBHADQAQQBkAEEAQgBzAEEASABrAEEAUQB3AEIAdgBBAEcANABBAGQAQQBCAHAAQQBHADQAQQBkAFEAQgBsAEEAQwBrAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEAQwBRAEEAVABBAEIAQgBBAEYATQBBAFYAQQBCAEYAQQBGAGcAQQBTAFEAQgBVAEEARQBNAEEAVAB3AEIARQBBAEUAVQBBAEkAQQBCADkAQQBDAEEAQQBSAFEAQgBzAEEASABNAEEAWgBRAEEAZwBBAEgAcwBBAEkAQQBCAGwAQQBIAGcAQQBhAFEAQgAwAEEAQwBBAEEATQBRAEEAZwBBAEgAMABBAEkAQQBCADkAQQBBAD0APQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 899 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:39:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a0b4c4b8-0f99-43aa-a1fc-d5fe175e5870
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABNAEEATgBRAEEAdQBBAEQAVQBBAE8AQQBBAHQAQQBEAGMAQQBPAEEAQQAzAEEARABZAEEATQB3AEEAMgBBAEQAYwBBAE8AUQBBAHkAQQBEAE0AQQBOAGcAQQAwAEEARABRAEEATgBnAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=5.1.14393.1944
RunspaceId=80bcb308-63b0-4d86-899e-b5c2dd89c414
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 898 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b587c7ad-04a0-4a59-ac56-b302fa7bc875
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMANQAuADUAOAAtADcAOAA3ADYAMwA2ADcAOQAyADMANgA0ADQANgAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=38379e3b-2b17-45e3-be28-d834f0fc1b9b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 897 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b587c7ad-04a0-4a59-ac56-b302fa7bc875
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMANQAuADUAOAAtADcAOAA3ADYAMwA2ADcAOQAyADMANgA0ADQANgAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=38379e3b-2b17-45e3-be28-d834f0fc1b9b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 896 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b587c7ad-04a0-4a59-ac56-b302fa7bc875
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMANQAuADUAOAAtADcAOAA3ADYAMwA2ADcAOQAyADMANgA0ADQANgAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 895 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b587c7ad-04a0-4a59-ac56-b302fa7bc875
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMANQAuADUAOAAtADcAOAA3ADYAMwA2ADcAOQAyADMANgA0ADQANgAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 894 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b587c7ad-04a0-4a59-ac56-b302fa7bc875
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMANQAuADUAOAAtADcAOAA3ADYAMwA2ADcAOQAyADMANgA0ADQANgAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 893 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b587c7ad-04a0-4a59-ac56-b302fa7bc875
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMANQAuADUAOAAtADcAOAA3ADYAMwA2ADcAOQAyADMANgA0ADQANgAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 892 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b587c7ad-04a0-4a59-ac56-b302fa7bc875
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMANQAuADUAOAAtADcAOAA3ADYAMwA2ADcAOQAyADMANgA0ADQANgAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 891 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b587c7ad-04a0-4a59-ac56-b302fa7bc875
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMANQAuADUAOAAtADcAOAA3ADYAMwA2ADcAOQAyADMANgA0ADQANgAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 890 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a0b4c4b8-0f99-43aa-a1fc-d5fe175e5870
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABNAEEATgBRAEEAdQBBAEQAVQBBAE8AQQBBAHQAQQBEAGMAQQBPAEEAQQAzAEEARABZAEEATQB3AEEAMgBBAEQAYwBBAE8AUQBBAHkAQQBEAE0AQQBOAGcAQQAwAEEARABRAEEATgBnAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=5.1.14393.1944
RunspaceId=80bcb308-63b0-4d86-899e-b5c2dd89c414
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 889 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a0b4c4b8-0f99-43aa-a1fc-d5fe175e5870
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABNAEEATgBRAEEAdQBBAEQAVQBBAE8AQQBBAHQAQQBEAGMAQQBPAEEAQQAzAEEARABZAEEATQB3AEEAMgBBAEQAYwBBAE8AUQBBAHkAQQBEAE0AQQBOAGcAQQAwAEEARABRAEEATgBnAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 888 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a0b4c4b8-0f99-43aa-a1fc-d5fe175e5870
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABNAEEATgBRAEEAdQBBAEQAVQBBAE8AQQBBAHQAQQBEAGMAQQBPAEEAQQAzAEEARABZAEEATQB3AEEAMgBBAEQAYwBBAE8AUQBBAHkAQQBEAE0AQQBOAGcAQQAwAEEARABRAEEATgBnAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 887 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a0b4c4b8-0f99-43aa-a1fc-d5fe175e5870
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABNAEEATgBRAEEAdQBBAEQAVQBBAE8AQQBBAHQAQQBEAGMAQQBPAEEAQQAzAEEARABZAEEATQB3AEEAMgBBAEQAYwBBAE8AUQBBAHkAQQBEAE0AQQBOAGcAQQAwAEEARABRAEEATgBnAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 886 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a0b4c4b8-0f99-43aa-a1fc-d5fe175e5870
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABNAEEATgBRAEEAdQBBAEQAVQBBAE8AQQBBAHQAQQBEAGMAQQBPAEEAQQAzAEEARABZAEEATQB3AEEAMgBBAEQAYwBBAE8AUQBBAHkAQQBEAE0AQQBOAGcAQQAwAEEARABRAEEATgBnAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 885 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a0b4c4b8-0f99-43aa-a1fc-d5fe175e5870
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABNAEEATgBRAEEAdQBBAEQAVQBBAE8AQQBBAHQAQQBEAGMAQQBPAEEAQQAzAEEARABZAEEATQB3AEEAMgBBAEQAYwBBAE8AUQBBAHkAQQBEAE0AQQBOAGcAQQAwAEEARABRAEEATgBnAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 884 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a0b4c4b8-0f99-43aa-a1fc-d5fe175e5870
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABNAEEATgBRAEEAdQBBAEQAVQBBAE8AQQBBAHQAQQBEAGMAQQBPAEEAQQAzAEEARABZAEEATQB3AEEAMgBBAEQAYwBBAE8AUQBBAHkAQQBEAE0AQQBOAGcAQQAwAEEARABRAEEATgBnAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 883 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d3e9d0d1-2ac3-44ba-b396-8548cc9b2f3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=5d73fb1c-05d9-43db-8f7d-05b323e40d56
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 882 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6a4cec1c-4bca-454c-84b3-e8ab27518265
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b48b1843-bfc5-43e2-8799-fcf92db8f16c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 881 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6a4cec1c-4bca-454c-84b3-e8ab27518265
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 880 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6a4cec1c-4bca-454c-84b3-e8ab27518265
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 879 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6a4cec1c-4bca-454c-84b3-e8ab27518265
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 878 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6a4cec1c-4bca-454c-84b3-e8ab27518265
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 877 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6a4cec1c-4bca-454c-84b3-e8ab27518265
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 876 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6a4cec1c-4bca-454c-84b3-e8ab27518265
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 875 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6a4cec1c-4bca-454c-84b3-e8ab27518265
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 874 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=6a4cec1c-4bca-454c-84b3-e8ab27518265
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 873 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d3e9d0d1-2ac3-44ba-b396-8548cc9b2f3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=5d73fb1c-05d9-43db-8f7d-05b323e40d56
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 872 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d3e9d0d1-2ac3-44ba-b396-8548cc9b2f3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 871 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d3e9d0d1-2ac3-44ba-b396-8548cc9b2f3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 870 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d3e9d0d1-2ac3-44ba-b396-8548cc9b2f3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 869 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d3e9d0d1-2ac3-44ba-b396-8548cc9b2f3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 868 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d3e9d0d1-2ac3-44ba-b396-8548cc9b2f3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 867 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d3e9d0d1-2ac3-44ba-b396-8548cc9b2f3f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 866 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c432f787-b216-4853-97e7-8f557e97c652
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMANQAuADUAOAAtADcAOAA3ADYAMwA2ADcAOQAyADMANgA0ADQANgBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=5.1.14393.1944
RunspaceId=785aec6a-8448-48c1-8b7c-324c2fed5db7
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 865 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c432f787-b216-4853-97e7-8f557e97c652
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMANQAuADUAOAAtADcAOAA3ADYAMwA2ADcAOQAyADMANgA0ADQANgBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=5.1.14393.1944
RunspaceId=785aec6a-8448-48c1-8b7c-324c2fed5db7
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 864 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c432f787-b216-4853-97e7-8f557e97c652
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMANQAuADUAOAAtADcAOAA3ADYAMwA2ADcAOQAyADMANgA0ADQANgBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 863 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c432f787-b216-4853-97e7-8f557e97c652
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMANQAuADUAOAAtADcAOAA3ADYAMwA2ADcAOQAyADMANgA0ADQANgBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 862 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c432f787-b216-4853-97e7-8f557e97c652
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMANQAuADUAOAAtADcAOAA3ADYAMwA2ADcAOQAyADMANgA0ADQANgBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 861 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c432f787-b216-4853-97e7-8f557e97c652
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMANQAuADUAOAAtADcAOAA3ADYAMwA2ADcAOQAyADMANgA0ADQANgBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 860 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c432f787-b216-4853-97e7-8f557e97c652
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMANQAuADUAOAAtADcAOAA3ADYAMwA2ADcAOQAyADMANgA0ADQANgBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 859 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c432f787-b216-4853-97e7-8f557e97c652
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMANQAuADUAOAAtADcAOAA3ADYAMwA2ADcAOQAyADMANgA0ADQANgBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 858 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8f5a52d0-ec7c-4c44-8fbd-382f4562ed3a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=da7429c9-627e-43ba-9d56-cfd37bd55b4a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 857 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0ee09ae3-6da7-46fa-ac88-27496e32c2da
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=1a7ecfe0-0bd6-4523-a87d-6761b0f4cff5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 856 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0ee09ae3-6da7-46fa-ac88-27496e32c2da
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 855 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0ee09ae3-6da7-46fa-ac88-27496e32c2da
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 854 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0ee09ae3-6da7-46fa-ac88-27496e32c2da
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 853 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0ee09ae3-6da7-46fa-ac88-27496e32c2da
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 852 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0ee09ae3-6da7-46fa-ac88-27496e32c2da
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 851 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0ee09ae3-6da7-46fa-ac88-27496e32c2da
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 850 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0ee09ae3-6da7-46fa-ac88-27496e32c2da
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 849 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0ee09ae3-6da7-46fa-ac88-27496e32c2da
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 848 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8f5a52d0-ec7c-4c44-8fbd-382f4562ed3a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=da7429c9-627e-43ba-9d56-cfd37bd55b4a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 847 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8f5a52d0-ec7c-4c44-8fbd-382f4562ed3a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 846 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8f5a52d0-ec7c-4c44-8fbd-382f4562ed3a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 845 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8f5a52d0-ec7c-4c44-8fbd-382f4562ed3a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 844 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8f5a52d0-ec7c-4c44-8fbd-382f4562ed3a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 843 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8f5a52d0-ec7c-4c44-8fbd-382f4562ed3a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 842 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8f5a52d0-ec7c-4c44-8fbd-382f4562ed3a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 841 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f9e33a62-b7e9-46dc-a8e0-6e58817e2ef3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAHcAQQAxAEEAQwA0AEEATgBRAEEANABBAEMAMABBAE4AdwBBADQAQQBEAGMAQQBOAGcAQQB6AEEARABZAEEATgB3AEEANQBBAEQASQBBAE0AdwBBADIAQQBEAFEAQQBOAEEAQQAyAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=5.1.14393.1944
RunspaceId=e64db950-4b21-4b34-832b-9be419c03381
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 840 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f30179a5-ff35-4afd-bd4d-2ad770f0ef48
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMwA1AC4ANQA4AC0ANwA4ADcANgAzADYANwA5ADIAMwA2ADQANAA2ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=6315d477-e59a-4b72-9eab-44cd589de08b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 839 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f30179a5-ff35-4afd-bd4d-2ad770f0ef48
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMwA1AC4ANQA4AC0ANwA4ADcANgAzADYANwA5ADIAMwA2ADQANAA2ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=6315d477-e59a-4b72-9eab-44cd589de08b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 838 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f30179a5-ff35-4afd-bd4d-2ad770f0ef48
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMwA1AC4ANQA4AC0ANwA4ADcANgAzADYANwA5ADIAMwA2ADQANAA2ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 837 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f30179a5-ff35-4afd-bd4d-2ad770f0ef48
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMwA1AC4ANQA4AC0ANwA4ADcANgAzADYANwA5ADIAMwA2ADQANAA2ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 836 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f30179a5-ff35-4afd-bd4d-2ad770f0ef48
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMwA1AC4ANQA4AC0ANwA4ADcANgAzADYANwA5ADIAMwA2ADQANAA2ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 835 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f30179a5-ff35-4afd-bd4d-2ad770f0ef48
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMwA1AC4ANQA4AC0ANwA4ADcANgAzADYANwA5ADIAMwA2ADQANAA2ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 834 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f30179a5-ff35-4afd-bd4d-2ad770f0ef48
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMwA1AC4ANQA4AC0ANwA4ADcANgAzADYANwA5ADIAMwA2ADQANAA2ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 833 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f30179a5-ff35-4afd-bd4d-2ad770f0ef48
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMwA1AC4ANQA4AC0ANwA4ADcANgAzADYANwA5ADIAMwA2ADQANAA2ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 832 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f9e33a62-b7e9-46dc-a8e0-6e58817e2ef3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAHcAQQAxAEEAQwA0AEEATgBRAEEANABBAEMAMABBAE4AdwBBADQAQQBEAGMAQQBOAGcAQQB6AEEARABZAEEATgB3AEEANQBBAEQASQBBAE0AdwBBADIAQQBEAFEAQQBOAEEAQQAyAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=5.1.14393.1944
RunspaceId=e64db950-4b21-4b34-832b-9be419c03381
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 831 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f9e33a62-b7e9-46dc-a8e0-6e58817e2ef3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAHcAQQAxAEEAQwA0AEEATgBRAEEANABBAEMAMABBAE4AdwBBADQAQQBEAGMAQQBOAGcAQQB6AEEARABZAEEATgB3AEEANQBBAEQASQBBAE0AdwBBADIAQQBEAFEAQQBOAEEAQQAyAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 830 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f9e33a62-b7e9-46dc-a8e0-6e58817e2ef3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAHcAQQAxAEEAQwA0AEEATgBRAEEANABBAEMAMABBAE4AdwBBADQAQQBEAGMAQQBOAGcAQQB6AEEARABZAEEATgB3AEEANQBBAEQASQBBAE0AdwBBADIAQQBEAFEAQQBOAEEAQQAyAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 829 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f9e33a62-b7e9-46dc-a8e0-6e58817e2ef3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAHcAQQAxAEEAQwA0AEEATgBRAEEANABBAEMAMABBAE4AdwBBADQAQQBEAGMAQQBOAGcAQQB6AEEARABZAEEATgB3AEEANQBBAEQASQBBAE0AdwBBADIAQQBEAFEAQQBOAEEAQQAyAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 828 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f9e33a62-b7e9-46dc-a8e0-6e58817e2ef3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAHcAQQAxAEEAQwA0AEEATgBRAEEANABBAEMAMABBAE4AdwBBADQAQQBEAGMAQQBOAGcAQQB6AEEARABZAEEATgB3AEEANQBBAEQASQBBAE0AdwBBADIAQQBEAFEAQQBOAEEAQQAyAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 827 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f9e33a62-b7e9-46dc-a8e0-6e58817e2ef3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAHcAQQAxAEEAQwA0AEEATgBRAEEANABBAEMAMABBAE4AdwBBADQAQQBEAGMAQQBOAGcAQQB6AEEARABZAEEATgB3AEEANQBBAEQASQBBAE0AdwBBADIAQQBEAFEAQQBOAEEAQQAyAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 826 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f9e33a62-b7e9-46dc-a8e0-6e58817e2ef3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAHcAQQAxAEEAQwA0AEEATgBRAEEANABBAEMAMABBAE4AdwBBADQAQQBEAGMAQQBOAGcAQQB6AEEARABZAEEATgB3AEEANQBBAEQASQBBAE0AdwBBADIAQQBEAFEAQQBOAEEAQQAyAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 825 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6ffee3c-ada9-407b-a863-2f9e6e609d4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABNAEEATQBRAEEAdQBBAEQASQBBAE4AZwBBAHQAQQBEAFUAQQBPAEEAQQAwAEEARABjAEEATwBRAEEAMgBBAEQAYwBBAE0AdwBBADIAQQBEAGsAQQBNAHcAQQA0AEEARABVAEEATgBBAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=5.1.14393.1944
RunspaceId=44abbb6b-8d8f-4439-aaf7-8ee70089d250
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 824 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8ab2b05c-3352-4cb1-92a4-182255d7a044
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMAMQAuADIANgAtADUAOAA0ADcAOQA2ADcAMwA2ADkAMwA4ADUANAAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=fc67850c-95ac-459f-9f16-38e98f6a6de2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 823 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8ab2b05c-3352-4cb1-92a4-182255d7a044
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMAMQAuADIANgAtADUAOAA0ADcAOQA2ADcAMwA2ADkAMwA4ADUANAAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=fc67850c-95ac-459f-9f16-38e98f6a6de2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 822 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8ab2b05c-3352-4cb1-92a4-182255d7a044
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMAMQAuADIANgAtADUAOAA0ADcAOQA2ADcAMwA2ADkAMwA4ADUANAAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 821 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8ab2b05c-3352-4cb1-92a4-182255d7a044
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMAMQAuADIANgAtADUAOAA0ADcAOQA2ADcAMwA2ADkAMwA4ADUANAAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 820 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8ab2b05c-3352-4cb1-92a4-182255d7a044
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMAMQAuADIANgAtADUAOAA0ADcAOQA2ADcAMwA2ADkAMwA4ADUANAAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 819 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8ab2b05c-3352-4cb1-92a4-182255d7a044
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMAMQAuADIANgAtADUAOAA0ADcAOQA2ADcAMwA2ADkAMwA4ADUANAAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 818 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8ab2b05c-3352-4cb1-92a4-182255d7a044
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMAMQAuADIANgAtADUAOAA0ADcAOQA2ADcAMwA2ADkAMwA4ADUANAAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 817 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8ab2b05c-3352-4cb1-92a4-182255d7a044
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMAMQAuADIANgAtADUAOAA0ADcAOQA2ADcAMwA2ADkAMwA4ADUANAAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 816 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6ffee3c-ada9-407b-a863-2f9e6e609d4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABNAEEATQBRAEEAdQBBAEQASQBBAE4AZwBBAHQAQQBEAFUAQQBPAEEAQQAwAEEARABjAEEATwBRAEEAMgBBAEQAYwBBAE0AdwBBADIAQQBEAGsAQQBNAHcAQQA0AEEARABVAEEATgBBAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=5.1.14393.1944
RunspaceId=44abbb6b-8d8f-4439-aaf7-8ee70089d250
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 815 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6ffee3c-ada9-407b-a863-2f9e6e609d4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABNAEEATQBRAEEAdQBBAEQASQBBAE4AZwBBAHQAQQBEAFUAQQBPAEEAQQAwAEEARABjAEEATwBRAEEAMgBBAEQAYwBBAE0AdwBBADIAQQBEAGsAQQBNAHcAQQA0AEEARABVAEEATgBBAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 814 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6ffee3c-ada9-407b-a863-2f9e6e609d4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABNAEEATQBRAEEAdQBBAEQASQBBAE4AZwBBAHQAQQBEAFUAQQBPAEEAQQAwAEEARABjAEEATwBRAEEAMgBBAEQAYwBBAE0AdwBBADIAQQBEAGsAQQBNAHcAQQA0AEEARABVAEEATgBBAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 813 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6ffee3c-ada9-407b-a863-2f9e6e609d4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABNAEEATQBRAEEAdQBBAEQASQBBAE4AZwBBAHQAQQBEAFUAQQBPAEEAQQAwAEEARABjAEEATwBRAEEAMgBBAEQAYwBBAE0AdwBBADIAQQBEAGsAQQBNAHcAQQA0AEEARABVAEEATgBBAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 812 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6ffee3c-ada9-407b-a863-2f9e6e609d4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABNAEEATQBRAEEAdQBBAEQASQBBAE4AZwBBAHQAQQBEAFUAQQBPAEEAQQAwAEEARABjAEEATwBRAEEAMgBBAEQAYwBBAE0AdwBBADIAQQBEAGsAQQBNAHcAQQA0AEEARABVAEEATgBBAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 811 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6ffee3c-ada9-407b-a863-2f9e6e609d4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABNAEEATQBRAEEAdQBBAEQASQBBAE4AZwBBAHQAQQBEAFUAQQBPAEEAQQAwAEEARABjAEEATwBRAEEAMgBBAEQAYwBBAE0AdwBBADIAQQBEAGsAQQBNAHcAQQA0AEEARABVAEEATgBBAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 810 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c6ffee3c-ada9-407b-a863-2f9e6e609d4c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABNAEEATQBRAEEAdQBBAEQASQBBAE4AZwBBAHQAQQBEAFUAQQBPAEEAQQAwAEEARABjAEEATwBRAEEAMgBBAEQAYwBBAE0AdwBBADIAQQBEAGsAQQBNAHcAQQA0AEEARABVAEEATgBBAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 809 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a188f996-3034-4879-909d-a9a2654c5694
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=65c78a5f-8f89-45aa-baa0-edc890a2c999
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 808 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b641bcb5-6862-4193-8b58-31032d3385b7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=4a651227-7314-4271-b80c-90b11b80d39f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 807 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b641bcb5-6862-4193-8b58-31032d3385b7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 806 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b641bcb5-6862-4193-8b58-31032d3385b7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 805 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b641bcb5-6862-4193-8b58-31032d3385b7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 804 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b641bcb5-6862-4193-8b58-31032d3385b7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 803 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b641bcb5-6862-4193-8b58-31032d3385b7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 802 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b641bcb5-6862-4193-8b58-31032d3385b7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 801 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b641bcb5-6862-4193-8b58-31032d3385b7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 800 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=b641bcb5-6862-4193-8b58-31032d3385b7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 799 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a188f996-3034-4879-909d-a9a2654c5694
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=65c78a5f-8f89-45aa-baa0-edc890a2c999
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 798 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a188f996-3034-4879-909d-a9a2654c5694
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 797 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a188f996-3034-4879-909d-a9a2654c5694
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 796 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a188f996-3034-4879-909d-a9a2654c5694
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 795 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a188f996-3034-4879-909d-a9a2654c5694
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 794 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a188f996-3034-4879-909d-a9a2654c5694
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 793 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a188f996-3034-4879-909d-a9a2654c5694
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 792 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=03e7470e-0a5a-4390-bf19-0ffb1a817810
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMAMQAuADIANgAtADUAOAA0ADcAOQA2ADcAMwA2ADkAMwA4ADUANABcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=5.1.14393.1944
RunspaceId=bfa4cc59-ee50-41cb-8546-11c543314a7a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 791 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=03e7470e-0a5a-4390-bf19-0ffb1a817810
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMAMQAuADIANgAtADUAOAA0ADcAOQA2ADcAMwA2ADkAMwA4ADUANABcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=5.1.14393.1944
RunspaceId=bfa4cc59-ee50-41cb-8546-11c543314a7a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 790 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=03e7470e-0a5a-4390-bf19-0ffb1a817810
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMAMQAuADIANgAtADUAOAA0ADcAOQA2ADcAMwA2ADkAMwA4ADUANABcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 789 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=03e7470e-0a5a-4390-bf19-0ffb1a817810
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMAMQAuADIANgAtADUAOAA0ADcAOQA2ADcAMwA2ADkAMwA4ADUANABcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 788 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=03e7470e-0a5a-4390-bf19-0ffb1a817810
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMAMQAuADIANgAtADUAOAA0ADcAOQA2ADcAMwA2ADkAMwA4ADUANABcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 787 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=03e7470e-0a5a-4390-bf19-0ffb1a817810
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMAMQAuADIANgAtADUAOAA0ADcAOQA2ADcAMwA2ADkAMwA4ADUANABcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 786 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=03e7470e-0a5a-4390-bf19-0ffb1a817810
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMAMQAuADIANgAtADUAOAA0ADcAOQA2ADcAMwA2ADkAMwA4ADUANABcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 785 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=03e7470e-0a5a-4390-bf19-0ffb1a817810
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADMAMQAuADIANgAtADUAOAA0ADcAOQA2ADcAMwA2ADkAMwA4ADUANABcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 784 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6b423665-de09-4775-bb9a-66e28d7b7db5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=c466c6b4-b1aa-404e-956d-cdd44a7fb69b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 783 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=11463373-db3b-43c0-bbdd-51d359502d85
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b532d316-e553-4830-ab5b-c66147ac4e1b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 782 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=11463373-db3b-43c0-bbdd-51d359502d85
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 781 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=11463373-db3b-43c0-bbdd-51d359502d85
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 780 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=11463373-db3b-43c0-bbdd-51d359502d85
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 779 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=11463373-db3b-43c0-bbdd-51d359502d85
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 778 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=11463373-db3b-43c0-bbdd-51d359502d85
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 777 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=11463373-db3b-43c0-bbdd-51d359502d85
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 776 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=11463373-db3b-43c0-bbdd-51d359502d85
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 775 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=11463373-db3b-43c0-bbdd-51d359502d85
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 774 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6b423665-de09-4775-bb9a-66e28d7b7db5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=c466c6b4-b1aa-404e-956d-cdd44a7fb69b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 773 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6b423665-de09-4775-bb9a-66e28d7b7db5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 772 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6b423665-de09-4775-bb9a-66e28d7b7db5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 771 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6b423665-de09-4775-bb9a-66e28d7b7db5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 770 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6b423665-de09-4775-bb9a-66e28d7b7db5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 769 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6b423665-de09-4775-bb9a-66e28d7b7db5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 768 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6b423665-de09-4775-bb9a-66e28d7b7db5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 767 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b34d3e3-1d65-4f57-88f8-9b820998cb22
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAHcAQQB4AEEAQwA0AEEATQBnAEEAMgBBAEMAMABBAE4AUQBBADQAQQBEAFEAQQBOAHcAQQA1AEEARABZAEEATgB3AEEAegBBAEQAWQBBAE8AUQBBAHoAQQBEAGcAQQBOAFEAQQAwAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=5.1.14393.1944
RunspaceId=eeb09ce0-9bcf-4803-803f-f058ed6c4edc
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 766 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fd731ad9-7f53-4491-bea0-a41f92bb8ef6
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMwAxAC4AMgA2AC0ANQA4ADQANwA5ADYANwAzADYAOQAzADgANQA0ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=d7f1f710-0c89-41cb-9aa2-37828e4d79ec
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 765 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fd731ad9-7f53-4491-bea0-a41f92bb8ef6
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMwAxAC4AMgA2AC0ANQA4ADQANwA5ADYANwAzADYAOQAzADgANQA0ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=d7f1f710-0c89-41cb-9aa2-37828e4d79ec
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 764 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fd731ad9-7f53-4491-bea0-a41f92bb8ef6
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMwAxAC4AMgA2AC0ANQA4ADQANwA5ADYANwAzADYAOQAzADgANQA0ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 763 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fd731ad9-7f53-4491-bea0-a41f92bb8ef6
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMwAxAC4AMgA2AC0ANQA4ADQANwA5ADYANwAzADYAOQAzADgANQA0ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 762 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fd731ad9-7f53-4491-bea0-a41f92bb8ef6
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMwAxAC4AMgA2AC0ANQA4ADQANwA5ADYANwAzADYAOQAzADgANQA0ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 761 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fd731ad9-7f53-4491-bea0-a41f92bb8ef6
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMwAxAC4AMgA2AC0ANQA4ADQANwA5ADYANwAzADYAOQAzADgANQA0ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 760 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fd731ad9-7f53-4491-bea0-a41f92bb8ef6
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMwAxAC4AMgA2AC0ANQA4ADQANwA5ADYANwAzADYAOQAzADgANQA0ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 759 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fd731ad9-7f53-4491-bea0-a41f92bb8ef6
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMwAxAC4AMgA2AC0ANQA4ADQANwA5ADYANwAzADYAOQAzADgANQA0ACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 758 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b34d3e3-1d65-4f57-88f8-9b820998cb22
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAHcAQQB4AEEAQwA0AEEATQBnAEEAMgBBAEMAMABBAE4AUQBBADQAQQBEAFEAQQBOAHcAQQA1AEEARABZAEEATgB3AEEAegBBAEQAWQBBAE8AUQBBAHoAQQBEAGcAQQBOAFEAQQAwAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=5.1.14393.1944
RunspaceId=eeb09ce0-9bcf-4803-803f-f058ed6c4edc
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 757 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b34d3e3-1d65-4f57-88f8-9b820998cb22
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAHcAQQB4AEEAQwA0AEEATQBnAEEAMgBBAEMAMABBAE4AUQBBADQAQQBEAFEAQQBOAHcAQQA1AEEARABZAEEATgB3AEEAegBBAEQAWQBBAE8AUQBBAHoAQQBEAGcAQQBOAFEAQQAwAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 756 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b34d3e3-1d65-4f57-88f8-9b820998cb22
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAHcAQQB4AEEAQwA0AEEATQBnAEEAMgBBAEMAMABBAE4AUQBBADQAQQBEAFEAQQBOAHcAQQA1AEEARABZAEEATgB3AEEAegBBAEQAWQBBAE8AUQBBAHoAQQBEAGcAQQBOAFEAQQAwAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 755 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b34d3e3-1d65-4f57-88f8-9b820998cb22
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAHcAQQB4AEEAQwA0AEEATQBnAEEAMgBBAEMAMABBAE4AUQBBADQAQQBEAFEAQQBOAHcAQQA1AEEARABZAEEATgB3AEEAegBBAEQAWQBBAE8AUQBBAHoAQQBEAGcAQQBOAFEAQQAwAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 754 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b34d3e3-1d65-4f57-88f8-9b820998cb22
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAHcAQQB4AEEAQwA0AEEATQBnAEEAMgBBAEMAMABBAE4AUQBBADQAQQBEAFEAQQBOAHcAQQA1AEEARABZAEEATgB3AEEAegBBAEQAWQBBAE8AUQBBAHoAQQBEAGcAQQBOAFEAQQAwAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 753 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b34d3e3-1d65-4f57-88f8-9b820998cb22
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAHcAQQB4AEEAQwA0AEEATQBnAEEAMgBBAEMAMABBAE4AUQBBADQAQQBEAFEAQQBOAHcAQQA1AEEARABZAEEATgB3AEEAegBBAEQAWQBBAE8AUQBBAHoAQQBEAGcAQQBOAFEAQQAwAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 752 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b34d3e3-1d65-4f57-88f8-9b820998cb22
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAHcAQQB4AEEAQwA0AEEATQBnAEEAMgBBAEMAMABBAE4AUQBBADQAQQBEAFEAQQBOAHcAQQA1AEEARABZAEEATgB3AEEAegBBAEQAWQBBAE8AUQBBAHoAQQBEAGcAQQBOAFEAQQAwAEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 751 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bda3b179-0037-45b3-b872-9365b5032757
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABJAEEATgBnAEEAdQBBAEQAawBBAE8AQQBBAHQAQQBEAFEAQQBOAFEAQQB5AEEARABZAEEATQBRAEEANABBAEQAWQBBAE0AdwBBADAAQQBEAEUAQQBNAFEAQQB3AEEARABnAEEATQBnAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=5.1.14393.1944
RunspaceId=384aba49-521d-48ef-ab16-adc8b2cc30c6
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 750 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f98d5e07-da35-49aa-9d59-3cd0ed11daeb
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIANgAuADkAOAAtADQANQAyADYAMQA4ADYAMwA0ADEAMQAwADgAMgAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=540fafd0-ebda-44f5-8f06-9d60529441a3
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 749 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f98d5e07-da35-49aa-9d59-3cd0ed11daeb
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIANgAuADkAOAAtADQANQAyADYAMQA4ADYAMwA0ADEAMQAwADgAMgAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=540fafd0-ebda-44f5-8f06-9d60529441a3
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 748 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f98d5e07-da35-49aa-9d59-3cd0ed11daeb
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIANgAuADkAOAAtADQANQAyADYAMQA4ADYAMwA0ADEAMQAwADgAMgAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 747 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f98d5e07-da35-49aa-9d59-3cd0ed11daeb
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIANgAuADkAOAAtADQANQAyADYAMQA4ADYAMwA0ADEAMQAwADgAMgAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 746 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f98d5e07-da35-49aa-9d59-3cd0ed11daeb
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIANgAuADkAOAAtADQANQAyADYAMQA4ADYAMwA0ADEAMQAwADgAMgAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 745 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f98d5e07-da35-49aa-9d59-3cd0ed11daeb
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIANgAuADkAOAAtADQANQAyADYAMQA4ADYAMwA0ADEAMQAwADgAMgAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 744 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f98d5e07-da35-49aa-9d59-3cd0ed11daeb
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIANgAuADkAOAAtADQANQAyADYAMQA4ADYAMwA0ADEAMQAwADgAMgAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 743 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f98d5e07-da35-49aa-9d59-3cd0ed11daeb
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIANgAuADkAOAAtADQANQAyADYAMQA4ADYAMwA0ADEAMQAwADgAMgAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 742 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bda3b179-0037-45b3-b872-9365b5032757
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABJAEEATgBnAEEAdQBBAEQAawBBAE8AQQBBAHQAQQBEAFEAQQBOAFEAQQB5AEEARABZAEEATQBRAEEANABBAEQAWQBBAE0AdwBBADAAQQBEAEUAQQBNAFEAQQB3AEEARABnAEEATQBnAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=5.1.14393.1944
RunspaceId=384aba49-521d-48ef-ab16-adc8b2cc30c6
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 741 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bda3b179-0037-45b3-b872-9365b5032757
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABJAEEATgBnAEEAdQBBAEQAawBBAE8AQQBBAHQAQQBEAFEAQQBOAFEAQQB5AEEARABZAEEATQBRAEEANABBAEQAWQBBAE0AdwBBADAAQQBEAEUAQQBNAFEAQQB3AEEARABnAEEATQBnAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 740 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bda3b179-0037-45b3-b872-9365b5032757
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABJAEEATgBnAEEAdQBBAEQAawBBAE8AQQBBAHQAQQBEAFEAQQBOAFEAQQB5AEEARABZAEEATQBRAEEANABBAEQAWQBBAE0AdwBBADAAQQBEAEUAQQBNAFEAQQB3AEEARABnAEEATQBnAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 739 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bda3b179-0037-45b3-b872-9365b5032757
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABJAEEATgBnAEEAdQBBAEQAawBBAE8AQQBBAHQAQQBEAFEAQQBOAFEAQQB5AEEARABZAEEATQBRAEEANABBAEQAWQBBAE0AdwBBADAAQQBEAEUAQQBNAFEAQQB3AEEARABnAEEATQBnAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 738 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bda3b179-0037-45b3-b872-9365b5032757
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABJAEEATgBnAEEAdQBBAEQAawBBAE8AQQBBAHQAQQBEAFEAQQBOAFEAQQB5AEEARABZAEEATQBRAEEANABBAEQAWQBBAE0AdwBBADAAQQBEAEUAQQBNAFEAQQB3AEEARABnAEEATQBnAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 737 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bda3b179-0037-45b3-b872-9365b5032757
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABJAEEATgBnAEEAdQBBAEQAawBBAE8AQQBBAHQAQQBEAFEAQQBOAFEAQQB5AEEARABZAEEATQBRAEEANABBAEQAWQBBAE0AdwBBADAAQQBEAEUAQQBNAFEAQQB3AEEARABnAEEATQBnAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 736 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=bda3b179-0037-45b3-b872-9365b5032757
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABJAEEATgBnAEEAdQBBAEQAawBBAE8AQQBBAHQAQQBEAFEAQQBOAFEAQQB5AEEARABZAEEATQBRAEEANABBAEQAWQBBAE0AdwBBADAAQQBEAEUAQQBNAFEAQQB3AEEARABnAEEATQBnAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 735 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=401adebe-e8ff-44df-b2e7-e1353f5fe656
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=693ba4bd-0025-483e-b950-066f89ad4bbd
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 734 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d93c6fe0-9825-4168-ad3d-c09f77c14c0f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=8fd8fbd7-526a-453c-a178-b1b32debf772
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 733 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d93c6fe0-9825-4168-ad3d-c09f77c14c0f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 732 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d93c6fe0-9825-4168-ad3d-c09f77c14c0f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 731 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d93c6fe0-9825-4168-ad3d-c09f77c14c0f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 730 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d93c6fe0-9825-4168-ad3d-c09f77c14c0f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 729 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d93c6fe0-9825-4168-ad3d-c09f77c14c0f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 728 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d93c6fe0-9825-4168-ad3d-c09f77c14c0f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 727 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d93c6fe0-9825-4168-ad3d-c09f77c14c0f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 726 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=d93c6fe0-9825-4168-ad3d-c09f77c14c0f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 725 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=401adebe-e8ff-44df-b2e7-e1353f5fe656
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=693ba4bd-0025-483e-b950-066f89ad4bbd
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 724 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=401adebe-e8ff-44df-b2e7-e1353f5fe656
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 723 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=401adebe-e8ff-44df-b2e7-e1353f5fe656
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 722 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=401adebe-e8ff-44df-b2e7-e1353f5fe656
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 721 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=401adebe-e8ff-44df-b2e7-e1353f5fe656
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 720 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=401adebe-e8ff-44df-b2e7-e1353f5fe656
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 719 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=401adebe-e8ff-44df-b2e7-e1353f5fe656
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 718 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1edd2601-6453-4377-8be4-b59bdc82f0ac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIANgAuADkAOAAtADQANQAyADYAMQA4ADYAMwA0ADEAMQAwADgAMgBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=5.1.14393.1944
RunspaceId=22c0d073-3c2b-4ff7-b2ba-6d8979581c38
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 717 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1edd2601-6453-4377-8be4-b59bdc82f0ac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIANgAuADkAOAAtADQANQAyADYAMQA4ADYAMwA0ADEAMQAwADgAMgBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=5.1.14393.1944
RunspaceId=22c0d073-3c2b-4ff7-b2ba-6d8979581c38
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 716 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1edd2601-6453-4377-8be4-b59bdc82f0ac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIANgAuADkAOAAtADQANQAyADYAMQA4ADYAMwA0ADEAMQAwADgAMgBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 715 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1edd2601-6453-4377-8be4-b59bdc82f0ac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIANgAuADkAOAAtADQANQAyADYAMQA4ADYAMwA0ADEAMQAwADgAMgBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 714 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1edd2601-6453-4377-8be4-b59bdc82f0ac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIANgAuADkAOAAtADQANQAyADYAMQA4ADYAMwA0ADEAMQAwADgAMgBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 713 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1edd2601-6453-4377-8be4-b59bdc82f0ac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIANgAuADkAOAAtADQANQAyADYAMQA4ADYAMwA0ADEAMQAwADgAMgBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 712 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1edd2601-6453-4377-8be4-b59bdc82f0ac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIANgAuADkAOAAtADQANQAyADYAMQA4ADYAMwA0ADEAMQAwADgAMgBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 711 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1edd2601-6453-4377-8be4-b59bdc82f0ac
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIANgAuADkAOAAtADQANQAyADYAMQA4ADYAMwA0ADEAMQAwADgAMgBcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 710 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:49 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8599aaf8-c00c-4242-878d-a223ab3bdfb8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=faf3f349-7a32-45c5-a157-2d7ec4014147
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 709 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=21f16593-8618-463c-8bea-eaddba4c04fd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=e3faf388-9ec2-435a-a5bf-baa59c121312
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 708 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=21f16593-8618-463c-8bea-eaddba4c04fd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 707 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=21f16593-8618-463c-8bea-eaddba4c04fd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 706 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=21f16593-8618-463c-8bea-eaddba4c04fd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 705 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=21f16593-8618-463c-8bea-eaddba4c04fd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 704 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=21f16593-8618-463c-8bea-eaddba4c04fd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 703 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=21f16593-8618-463c-8bea-eaddba4c04fd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 702 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=21f16593-8618-463c-8bea-eaddba4c04fd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 701 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=21f16593-8618-463c-8bea-eaddba4c04fd
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 700 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8599aaf8-c00c-4242-878d-a223ab3bdfb8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=faf3f349-7a32-45c5-a157-2d7ec4014147
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 699 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8599aaf8-c00c-4242-878d-a223ab3bdfb8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 698 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8599aaf8-c00c-4242-878d-a223ab3bdfb8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 697 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8599aaf8-c00c-4242-878d-a223ab3bdfb8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 696 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8599aaf8-c00c-4242-878d-a223ab3bdfb8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 695 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8599aaf8-c00c-4242-878d-a223ab3bdfb8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 694 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8599aaf8-c00c-4242-878d-a223ab3bdfb8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 693 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1dd84e08-189a-4d01-a76b-5d7c2e3669d0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAGcAQQAyAEEAQwA0AEEATwBRAEEANABBAEMAMABBAE4AQQBBADEAQQBEAEkAQQBOAGcAQQB4AEEARABnAEEATgBnAEEAegBBAEQAUQBBAE0AUQBBAHgAQQBEAEEAQQBPAEEAQQB5AEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=5.1.14393.1944
RunspaceId=8a0ab2ee-9069-47b3-9ee4-d25a0b4a735f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 692 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=037b422d-2d8c-4ddd-9e3b-6d45cea20660
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMgA2AC4AOQA4AC0ANAA1ADIANgAxADgANgAzADQAMQAxADAAOAAyACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=c7139104-0912-43ff-9718-e77f5e727437
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 691 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=037b422d-2d8c-4ddd-9e3b-6d45cea20660
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMgA2AC4AOQA4AC0ANAA1ADIANgAxADgANgAzADQAMQAxADAAOAAyACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=c7139104-0912-43ff-9718-e77f5e727437
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 690 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=037b422d-2d8c-4ddd-9e3b-6d45cea20660
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMgA2AC4AOQA4AC0ANAA1ADIANgAxADgANgAzADQAMQAxADAAOAAyACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 689 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=037b422d-2d8c-4ddd-9e3b-6d45cea20660
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMgA2AC4AOQA4AC0ANAA1ADIANgAxADgANgAzADQAMQAxADAAOAAyACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 688 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=037b422d-2d8c-4ddd-9e3b-6d45cea20660
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMgA2AC4AOQA4AC0ANAA1ADIANgAxADgANgAzADQAMQAxADAAOAAyACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 687 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=037b422d-2d8c-4ddd-9e3b-6d45cea20660
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMgA2AC4AOQA4AC0ANAA1ADIANgAxADgANgAzADQAMQAxADAAOAAyACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 686 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=037b422d-2d8c-4ddd-9e3b-6d45cea20660
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMgA2AC4AOQA4AC0ANAA1ADIANgAxADgANgAzADQAMQAxADAAOAAyACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 685 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=037b422d-2d8c-4ddd-9e3b-6d45cea20660
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMgA2AC4AOQA4AC0ANAA1ADIANgAxADgANgAzADQAMQAxADAAOAAyACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 684 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1dd84e08-189a-4d01-a76b-5d7c2e3669d0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAGcAQQAyAEEAQwA0AEEATwBRAEEANABBAEMAMABBAE4AQQBBADEAQQBEAEkAQQBOAGcAQQB4AEEARABnAEEATgBnAEEAegBBAEQAUQBBAE0AUQBBAHgAQQBEAEEAQQBPAEEAQQB5AEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=5.1.14393.1944
RunspaceId=8a0ab2ee-9069-47b3-9ee4-d25a0b4a735f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 683 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1dd84e08-189a-4d01-a76b-5d7c2e3669d0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAGcAQQAyAEEAQwA0AEEATwBRAEEANABBAEMAMABBAE4AQQBBADEAQQBEAEkAQQBOAGcAQQB4AEEARABnAEEATgBnAEEAegBBAEQAUQBBAE0AUQBBAHgAQQBEAEEAQQBPAEEAQQB5AEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 682 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1dd84e08-189a-4d01-a76b-5d7c2e3669d0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAGcAQQAyAEEAQwA0AEEATwBRAEEANABBAEMAMABBAE4AQQBBADEAQQBEAEkAQQBOAGcAQQB4AEEARABnAEEATgBnAEEAegBBAEQAUQBBAE0AUQBBAHgAQQBEAEEAQQBPAEEAQQB5AEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 681 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1dd84e08-189a-4d01-a76b-5d7c2e3669d0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAGcAQQAyAEEAQwA0AEEATwBRAEEANABBAEMAMABBAE4AQQBBADEAQQBEAEkAQQBOAGcAQQB4AEEARABnAEEATgBnAEEAegBBAEQAUQBBAE0AUQBBAHgAQQBEAEEAQQBPAEEAQQB5AEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 680 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1dd84e08-189a-4d01-a76b-5d7c2e3669d0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAGcAQQAyAEEAQwA0AEEATwBRAEEANABBAEMAMABBAE4AQQBBADEAQQBEAEkAQQBOAGcAQQB4AEEARABnAEEATgBnAEEAegBBAEQAUQBBAE0AUQBBAHgAQQBEAEEAQQBPAEEAQQB5AEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 679 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1dd84e08-189a-4d01-a76b-5d7c2e3669d0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAGcAQQAyAEEAQwA0AEEATwBRAEEANABBAEMAMABBAE4AQQBBADEAQQBEAEkAQQBOAGcAQQB4AEEARABnAEEATgBnAEEAegBBAEQAUQBBAE0AUQBBAHgAQQBEAEEAQQBPAEEAQQB5AEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 678 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1dd84e08-189a-4d01-a76b-5d7c2e3669d0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAGcAQQAyAEEAQwA0AEEATwBRAEEANABBAEMAMABBAE4AQQBBADEAQQBEAEkAQQBOAGcAQQB4AEEARABnAEEATgBnAEEAegBBAEQAUQBBAE0AUQBBAHgAQQBEAEEAQQBPAEEAQQB5AEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 677 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:47 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=48ab33d5-546a-4866-a9de-b0dc931710bb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABJAEEATQBnAEEAdQBBAEQAVQBBAEwAUQBBAHkAQQBEAEkAQQBPAEEAQQAxAEEARABNAEEATwBBAEEAMgBBAEQAYwBBAE0AQQBBADQAQQBEAGcAQQBOAEEAQQAyAEEARABrAEEATQBBAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=5.1.14393.1944
RunspaceId=74fa44b0-7534-40a4-9063-a2ae3aa6f113
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 676 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6f4be239-0c6a-4a39-9567-0d27f784678f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIAMgAuADUALQAyADIAOAA1ADMAOAA2ADcAMAA4ADgANAA2ADkAMAAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=8fb6d043-6748-49b4-ba6c-2f7bd85604a7
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 675 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6f4be239-0c6a-4a39-9567-0d27f784678f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIAMgAuADUALQAyADIAOAA1ADMAOAA2ADcAMAA4ADgANAA2ADkAMAAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=8fb6d043-6748-49b4-ba6c-2f7bd85604a7
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 674 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6f4be239-0c6a-4a39-9567-0d27f784678f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIAMgAuADUALQAyADIAOAA1ADMAOAA2ADcAMAA4ADgANAA2ADkAMAAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 673 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6f4be239-0c6a-4a39-9567-0d27f784678f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIAMgAuADUALQAyADIAOAA1ADMAOAA2ADcAMAA4ADgANAA2ADkAMAAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 672 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6f4be239-0c6a-4a39-9567-0d27f784678f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIAMgAuADUALQAyADIAOAA1ADMAOAA2ADcAMAA4ADgANAA2ADkAMAAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 671 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6f4be239-0c6a-4a39-9567-0d27f784678f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIAMgAuADUALQAyADIAOAA1ADMAOAA2ADcAMAA4ADgANAA2ADkAMAAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 670 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6f4be239-0c6a-4a39-9567-0d27f784678f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIAMgAuADUALQAyADIAOAA1ADMAOAA2ADcAMAA4ADgANAA2ADkAMAAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 669 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6f4be239-0c6a-4a39-9567-0d27f784678f
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgBSAGUAbQBvAHYAZQAtAEkAdABlAG0AIAAiAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIAMgAuADUALQAyADIAOAA1ADMAOAA2ADcAMAA4ADgANAA2ADkAMAAiACAALQBGAG8AcgBjAGUAIAAtAFIAZQBjAHUAcgBzAGUAOwAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 668 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=48ab33d5-546a-4866-a9de-b0dc931710bb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABJAEEATQBnAEEAdQBBAEQAVQBBAEwAUQBBAHkAQQBEAEkAQQBPAEEAQQAxAEEARABNAEEATwBBAEEAMgBBAEQAYwBBAE0AQQBBADQAQQBEAGcAQQBOAEEAQQAyAEEARABrAEEATQBBAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=5.1.14393.1944
RunspaceId=74fa44b0-7534-40a4-9063-a2ae3aa6f113
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 667 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=48ab33d5-546a-4866-a9de-b0dc931710bb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABJAEEATQBnAEEAdQBBAEQAVQBBAEwAUQBBAHkAQQBEAEkAQQBPAEEAQQAxAEEARABNAEEATwBBAEEAMgBBAEQAYwBBAE0AQQBBADQAQQBEAGcAQQBOAEEAQQAyAEEARABrAEEATQBBAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 666 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=48ab33d5-546a-4866-a9de-b0dc931710bb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABJAEEATQBnAEEAdQBBAEQAVQBBAEwAUQBBAHkAQQBEAEkAQQBPAEEAQQAxAEEARABNAEEATwBBAEEAMgBBAEQAYwBBAE0AQQBBADQAQQBEAGcAQQBOAEEAQQAyAEEARABrAEEATQBBAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 665 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=48ab33d5-546a-4866-a9de-b0dc931710bb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABJAEEATQBnAEEAdQBBAEQAVQBBAEwAUQBBAHkAQQBEAEkAQQBPAEEAQQAxAEEARABNAEEATwBBAEEAMgBBAEQAYwBBAE0AQQBBADQAQQBEAGcAQQBOAEEAQQAyAEEARABrAEEATQBBAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 664 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=48ab33d5-546a-4866-a9de-b0dc931710bb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABJAEEATQBnAEEAdQBBAEQAVQBBAEwAUQBBAHkAQQBEAEkAQQBPAEEAQQAxAEEARABNAEEATwBBAEEAMgBBAEQAYwBBAE0AQQBBADQAQQBEAGcAQQBOAEEAQQAyAEEARABrAEEATQBBAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 663 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=48ab33d5-546a-4866-a9de-b0dc931710bb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABJAEEATQBnAEEAdQBBAEQAVQBBAEwAUQBBAHkAQQBEAEkAQQBPAEEAQQAxAEEARABNAEEATwBBAEEAMgBBAEQAYwBBAE0AQQBBADQAQQBEAGcAQQBOAEEAQQAyAEEARABrAEEATQBBAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 662 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=48ab33d5-546a-4866-a9de-b0dc931710bb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBCAFMAQQBHAFUAQQBiAFEAQgB2AEEASABZAEEAWgBRAEEAdABBAEUAawBBAGQAQQBCAGwAQQBHADAAQQBJAEEAQQBpAEEARQBNAEEATwBnAEIAYwBBAEYAVQBBAGMAdwBCAGwAQQBIAEkAQQBjAHcAQgBjAEEARQBFAEEAWgBBAEIAdABBAEcAawBBAGIAZwBCAGMAQQBFAEUAQQBjAEEAQgB3AEEARQBRAEEAWQBRAEIAMABBAEcARQBBAFgAQQBCAE0AQQBHADgAQQBZAHcAQgBoAEEARwB3AEEAWABBAEIAVQBBAEcAVQBBAGIAUQBCAHcAQQBGAHcAQQBZAFEAQgB1AEEASABNAEEAYQBRAEIAaQBBAEcAdwBBAFoAUQBBAHQAQQBIAFEAQQBiAFEAQgB3AEEAQwAwAEEATQBRAEEAMgBBAEQAVQBBAE4AdwBBAHgAQQBEAE0AQQBOAGcAQQB6AEEARABJAEEATQBnAEEAdQBBAEQAVQBBAEwAUQBBAHkAQQBEAEkAQQBPAEEAQQAxAEEARABNAEEATwBBAEEAMgBBAEQAYwBBAE0AQQBBADQAQQBEAGcAQQBOAEEAQQAyAEEARABrAEEATQBBAEEAaQBBAEMAQQBBAEwAUQBCAEcAQQBHADgAQQBjAGcAQgBqAEEARwBVAEEASQBBAEEAdABBAEYASQBBAFoAUQBCAGoAQQBIAFUAQQBjAGcAQgB6AEEARwBVAEEATwB3AEEASwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBMAFEAQgB1AEEARwA4AEEAZABBAEEAZwBBAEMAUQBBAFAAdwBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARQBrAEEAWgBnAEEAZwBBAEMAZwBBAFIAdwBCAGwAQQBIAFEAQQBMAFEAQgBXAEEARwBFAEEAYwBnAEIAcABBAEcARQBBAFkAZwBCAHMAQQBHAFUAQQBJAEEAQgBNAEEARQBFAEEAVQB3AEIAVQBBAEUAVQBBAFcAQQBCAEoAQQBGAFEAQQBRAHcAQgBQAEEARQBRAEEAUgBRAEEAZwBBAEMAMABBAFIAUQBCAHkAQQBIAEkAQQBiAHcAQgB5AEEARQBFAEEAWQB3AEIAMABBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBVAHcAQgBwAEEARwB3AEEAWgBRAEIAdQBBAEgAUQBBAGIAQQBCADUAQQBFAE0AQQBiAHcAQgB1AEEASABRAEEAYQBRAEIAdQBBAEgAVQBBAFoAUQBBAHAAQQBDAEEAQQBlAHcAQQBnAEEARwBVAEEAZQBBAEIAcABBAEgAUQBBAEkAQQBBAGsAQQBFAHcAQQBRAFEAQgBUAEEARgBRAEEAUgBRAEIAWQBBAEUAawBBAFYAQQBCAEQAQQBFADgAQQBSAEEAQgBGAEEAQwBBAEEAZgBRAEEAZwBBAEUAVQBBAGIAQQBCAHoAQQBHAFUAQQBJAEEAQgA3AEEAQwBBAEEAWgBRAEIANABBAEcAawBBAGQAQQBBAGcAQQBEAEUAQQBJAEEAQgA5AEEAQwBBAEEAZgBRAEEAPQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 661 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6c660403-74ec-410e-9b05-81d10451a79e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=faa7372e-c32a-4bfb-9cd0-76a15790815b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 660 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f2e2e848-0ed2-4604-ab5e-b50f6d9e3234
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=58a95c10-7691-4448-86d1-6ba1de219e1e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 659 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f2e2e848-0ed2-4604-ab5e-b50f6d9e3234
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 658 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f2e2e848-0ed2-4604-ab5e-b50f6d9e3234
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 657 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f2e2e848-0ed2-4604-ab5e-b50f6d9e3234
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 656 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f2e2e848-0ed2-4604-ab5e-b50f6d9e3234
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 655 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f2e2e848-0ed2-4604-ab5e-b50f6d9e3234
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 654 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f2e2e848-0ed2-4604-ab5e-b50f6d9e3234
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 653 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f2e2e848-0ed2-4604-ab5e-b50f6d9e3234
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 652 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f2e2e848-0ed2-4604-ab5e-b50f6d9e3234
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 651 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:46 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6c660403-74ec-410e-9b05-81d10451a79e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=faa7372e-c32a-4bfb-9cd0-76a15790815b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 650 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6c660403-74ec-410e-9b05-81d10451a79e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 649 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6c660403-74ec-410e-9b05-81d10451a79e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 648 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6c660403-74ec-410e-9b05-81d10451a79e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 647 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6c660403-74ec-410e-9b05-81d10451a79e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 646 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6c660403-74ec-410e-9b05-81d10451a79e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 645 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6c660403-74ec-410e-9b05-81d10451a79e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 644 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f21bc0ce-442c-4c55-8a95-91668c08af15
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIAMgAuADUALQAyADIAOAA1ADMAOAA2ADcAMAA4ADgANAA2ADkAMABcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=5.1.14393.1944
RunspaceId=6d6c3303-f83a-49ae-91d1-281c36356d8f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 643 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f21bc0ce-442c-4c55-8a95-91668c08af15
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIAMgAuADUALQAyADIAOAA1ADMAOAA2ADcAMAA4ADgANAA2ADkAMABcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=5.1.14393.1944
RunspaceId=6d6c3303-f83a-49ae-91d1-281c36356d8f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 642 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f21bc0ce-442c-4c55-8a95-91668c08af15
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIAMgAuADUALQAyADIAOAA1ADMAOAA2ADcAMAA4ADgANAA2ADkAMABcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 641 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f21bc0ce-442c-4c55-8a95-91668c08af15
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIAMgAuADUALQAyADIAOAA1ADMAOAA2ADcAMAA4ADgANAA2ADkAMABcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 640 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f21bc0ce-442c-4c55-8a95-91668c08af15
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIAMgAuADUALQAyADIAOAA1ADMAOAA2ADcAMAA4ADgANAA2ADkAMABcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 639 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f21bc0ce-442c-4c55-8a95-91668c08af15
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIAMgAuADUALQAyADIAOAA1ADMAOAA2ADcAMAA4ADgANAA2ADkAMABcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 638 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f21bc0ce-442c-4c55-8a95-91668c08af15
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIAMgAuADUALQAyADIAOAA1ADMAOAA2ADcAMAA4ADgANAA2ADkAMABcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 637 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f21bc0ce-442c-4c55-8a95-91668c08af15
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand YgBlAGcAaQBuACAAewAKACQAcABhAHQAaAAgAD0AIAAnAEMAOgBcAFUAcwBlAHIAcwBcAEEAZABtAGkAbgBcAEEAcABwAEQAYQB0AGEAXABMAG8AYwBhAGwAXABUAGUAbQBwAFwAYQBuAHMAaQBiAGwAZQAtAHQAbQBwAC0AMQA2ADUANwAxADMANgAzADIAMgAuADUALQAyADIAOAA1ADMAOAA2ADcAMAA4ADgANAA2ADkAMABcAHMAbwB1AHIAYwBlACcACgAkAEQAZQBiAHUAZwBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAQwBvAG4AdABpAG4AdQBlACIACgAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlACAAPQAgACIAUwB0AG8AcAAiAAoAUwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAAMgAKACQAZgBkACAAPQAgAFsAUwB5AHMAdABlAG0ALgBJAE8ALgBGAGkAbABlAF0AOgA6AEMAcgBlAGEAdABlACgAJABwAGEAdABoACkACgAkAHMAaABhADEAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAFMAZQBjAHUAcgBpAHQAeQAuAEMAcgB5AHAAdABvAGcAcgBhAHAAaAB5AC4AUwBIAEEAMQBDAHIAeQBwAHQAbwBTAGUAcgB2AGkAYwBlAFAAcgBvAHYAaQBkAGUAcgBdADoAOgBDAHIAZQBhAHQAZQAoACkACgAkAGIAeQB0AGUAcwAgAD0AIABAACgAKQAgACMAaQBuAGkAdABpAGEAbABpAHoAZQAgAGYAbwByACAAZQBtAHAAdAB5ACAAZgBpAGwAZQAgAGMAYQBzAGUACgB9AAoAcAByAG8AYwBlAHMAcwAgAHsACgAkAGIAeQB0AGUAcwAgAD0AIABbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABpAG4AcAB1AHQAKQAKACQAcwBoAGEAMQAuAFQAcgBhAG4AcwBmAG8AcgBtAEIAbABvAGMAawAoACQAYgB5AHQAZQBzACwAIAAwACwAIAAkAGIAeQB0AGUAcwAuAEwAZQBuAGcAdABoACwAIAAkAGIAeQB0AGUAcwAsACAAMAApACAAfAAgAE8AdQB0AC0ATgB1AGwAbAAKACQAZgBkAC4AVwByAGkAdABlACgAJABiAHkAdABlAHMALAAgADAALAAgACQAYgB5AHQAZQBzAC4ATABlAG4AZwB0AGgAKQAKAH0ACgBlAG4AZAAgAHsACgAkAHMAaABhADEALgBUAHIAYQBuAHMAZgBvAHIAbQBGAGkAbgBhAGwAQgBsAG8AYwBrACgAJABiAHkAdABlAHMALAAgADAALAAgADAAKQAgAHwAIABPAHUAdAAtAE4AdQBsAGwACgAkAGgAYQBzAGgAIAA9ACAAWwBTAHkAcwB0AGUAbQAuAEIAaQB0AEMAbwBuAHYAZQByAHQAZQByAF0AOgA6AFQAbwBTAHQAcgBpAG4AZwAoACQAcwBoAGEAMQAuAEgAYQBzAGgAKQAuAFIAZQBwAGwAYQBjAGUAKAAiAC0AIgAsACAAIgAiACkALgBUAG8ATABvAHcAZQByAEkAbgB2AGEAcgBpAGEAbgB0ACgAKQAKACQAZgBkAC4AQwBsAG8AcwBlACgAKQAKAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAIgB7ACIAIgBzAGgAYQAxACIAIgA6ACIAIgAkAGgAYQBzAGgAIgAiAH0AIgAKAH0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 636 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7f1fe0e-f02b-4579-883e-dd92f6175c54
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0015d546-8b86-4111-a788-e2edcaebc354
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 635 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=341b8f3a-719e-4e95-9c2b-29709ef91005
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=6cc64e8e-bad4-4f9d-9ac1-d0ce8cf6a56c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 634 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=341b8f3a-719e-4e95-9c2b-29709ef91005
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 633 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=341b8f3a-719e-4e95-9c2b-29709ef91005
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 632 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=341b8f3a-719e-4e95-9c2b-29709ef91005
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 631 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=341b8f3a-719e-4e95-9c2b-29709ef91005
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 630 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=341b8f3a-719e-4e95-9c2b-29709ef91005
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 629 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=341b8f3a-719e-4e95-9c2b-29709ef91005
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 628 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=341b8f3a-719e-4e95-9c2b-29709ef91005
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 627 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=341b8f3a-719e-4e95-9c2b-29709ef91005
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 626 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:44 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7f1fe0e-f02b-4579-883e-dd92f6175c54
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0015d546-8b86-4111-a788-e2edcaebc354
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 625 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7f1fe0e-f02b-4579-883e-dd92f6175c54
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 624 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7f1fe0e-f02b-4579-883e-dd92f6175c54
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 623 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7f1fe0e-f02b-4579-883e-dd92f6175c54
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 622 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7f1fe0e-f02b-4579-883e-dd92f6175c54
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 621 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7f1fe0e-f02b-4579-883e-dd92f6175c54
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 620 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d7f1fe0e-f02b-4579-883e-dd92f6175c54
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 619 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=21d87de1-8180-480b-8752-64055c99d4a7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAGcAQQB5AEEAQwA0AEEATgBRAEEAdABBAEQASQBBAE0AZwBBADQAQQBEAFUAQQBNAHcAQQA0AEEARABZAEEATgB3AEEAdwBBAEQAZwBBAE8AQQBBADAAQQBEAFkAQQBPAFEAQQB3AEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=5.1.14393.1944
RunspaceId=ab08a269-d470-4981-9e14-62e2d2b26dbc
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 618 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=253f026b-830a-4f72-8b68-ddc298c74311
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMgAyAC4ANQAtADIAMgA4ADUAMwA4ADYANwAwADgAOAA0ADYAOQAwACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=b10d0365-19fa-4ae3-8ff0-9a3a5aa07f0a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 617 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:43 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=253f026b-830a-4f72-8b68-ddc298c74311
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMgAyAC4ANQAtADIAMgA4ADUAMwA4ADYANwAwADgAOAA0ADYAOQAwACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=5.1.14393.1944
RunspaceId=b10d0365-19fa-4ae3-8ff0-9a3a5aa07f0a
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 616 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=253f026b-830a-4f72-8b68-ddc298c74311
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMgAyAC4ANQAtADIAMgA4ADUAMwA4ADYANwAwADgAOAA0ADYAOQAwACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 615 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=253f026b-830a-4f72-8b68-ddc298c74311
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMgAyAC4ANQAtADIAMgA4ADUAMwA4ADYANwAwADgAOAA0ADYAOQAwACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 614 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=253f026b-830a-4f72-8b68-ddc298c74311
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMgAyAC4ANQAtADIAMgA4ADUAMwA4ADYANwAwADgAOAA0ADYAOQAwACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 613 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=253f026b-830a-4f72-8b68-ddc298c74311
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMgAyAC4ANQAtADIAMgA4ADUAMwA4ADYANwAwADgAOAA0ADYAOQAwACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 612 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=253f026b-830a-4f72-8b68-ddc298c74311
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMgAyAC4ANQAtADIAMgA4ADUAMwA4ADYANwAwADgAOAA0ADYAOQAwACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 611 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=253f026b-830a-4f72-8b68-ddc298c74311
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UwBlAHQALQBTAHQAcgBpAGMAdABNAG8AZABlACAALQBWAGUAcgBzAGkAbwBuACAATABhAHQAZQBzAHQACgAkAHQAbQBwAF8AcABhAHQAaAAgAD0AIABbAFMAeQBzAHQAZQBtAC4ARQBuAHYAaQByAG8AbgBtAGUAbgB0AF0AOgA6AEUAeABwAGEAbgBkAEUAbgB2AGkAcgBvAG4AbQBlAG4AdABWAGEAcgBpAGEAYgBsAGUAcwAoACcAJQBUAEUATQBQACUAJwApAAoAJAB0AG0AcAAgAD0AIABOAGUAdwAtAEkAdABlAG0AIAAtAFQAeQBwAGUAIABEAGkAcgBlAGMAdABvAHIAeQAgAC0AUABhAHQAaAAgACQAdABtAHAAXwBwAGEAdABoACAALQBOAGEAbQBlACAAJwBhAG4AcwBpAGIAbABlAC0AdABtAHAALQAxADYANQA3ADEAMwA2ADMAMgAyAC4ANQAtADIAMgA4ADUAMwA4ADYANwAwADgAOAA0ADYAOQAwACcACgBXAHIAaQB0AGUALQBPAHUAdABwAHUAdAAgAC0ASQBuAHAAdQB0AE8AYgBqAGUAYwB0ACAAJAB0AG0AcAAuAEYAdQBsAGwATgBhAG0AZQAKAEkAZgAgACgALQBuAG8AdAAgACQAPwApACAAewAgAEkAZgAgACgARwBlAHQALQBWAGEAcgBpAGEAYgBsAGUAIABMAEEAUwBUAEUAWABJAFQAQwBPAEQARQAgAC0ARQByAHIAbwByAEEAYwB0AGkAbwBuACAAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQApACAAewAgAGUAeABpAHQAIAAkAEwAQQBTAFQARQBYAEkAVABDAE8ARABFACAAfQAgAEUAbABzAGUAIAB7ACAAZQB4AGkAdAAgADEAIAB9ACAAfQA=
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 610 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=21d87de1-8180-480b-8752-64055c99d4a7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAGcAQQB5AEEAQwA0AEEATgBRAEEAdABBAEQASQBBAE0AZwBBADQAQQBEAFUAQQBNAHcAQQA0AEEARABZAEEATgB3AEEAdwBBAEQAZwBBAE8AQQBBADAAQQBEAFkAQQBPAFEAQQB3AEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=5.1.14393.1944
RunspaceId=ab08a269-d470-4981-9e14-62e2d2b26dbc
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 609 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=21d87de1-8180-480b-8752-64055c99d4a7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAGcAQQB5AEEAQwA0AEEATgBRAEEAdABBAEQASQBBAE0AZwBBADQAQQBEAFUAQQBNAHcAQQA0AEEARABZAEEATgB3AEEAdwBBAEQAZwBBAE8AQQBBADAAQQBEAFkAQQBPAFEAQQB3AEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 608 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=21d87de1-8180-480b-8752-64055c99d4a7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAGcAQQB5AEEAQwA0AEEATgBRAEEAdABBAEQASQBBAE0AZwBBADQAQQBEAFUAQQBNAHcAQQA0AEEARABZAEEATgB3AEEAdwBBAEQAZwBBAE8AQQBBADAAQQBEAFkAQQBPAFEAQQB3AEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 607 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=21d87de1-8180-480b-8752-64055c99d4a7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAGcAQQB5AEEAQwA0AEEATgBRAEEAdABBAEQASQBBAE0AZwBBADQAQQBEAFUAQQBNAHcAQQA0AEEARABZAEEATgB3AEEAdwBBAEQAZwBBAE8AQQBBADAAQQBEAFkAQQBPAFEAQQB3AEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 606 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=21d87de1-8180-480b-8752-64055c99d4a7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAGcAQQB5AEEAQwA0AEEATgBRAEEAdABBAEQASQBBAE0AZwBBADQAQQBEAFUAQQBNAHcAQQA0AEEARABZAEEATgB3AEEAdwBBAEQAZwBBAE8AQQBBADAAQQBEAFkAQQBPAFEAQQB3AEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 605 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=21d87de1-8180-480b-8752-64055c99d4a7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAGcAQQB5AEEAQwA0AEEATgBRAEEAdABBAEQASQBBAE0AZwBBADQAQQBEAFUAQQBNAHcAQQA0AEEARABZAEEATgB3AEEAdwBBAEQAZwBBAE8AQQBBADAAQQBEAFkAQQBPAFEAQQB3AEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 604 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=21d87de1-8180-480b-8752-64055c99d4a7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAAVQB3AEIAbABBAEgAUQBBAEwAUQBCAFQAQQBIAFEAQQBjAGcAQgBwAEEARwBNAEEAZABBAEIATgBBAEcAOABBAFoAQQBCAGwAQQBDAEEAQQBMAFEAQgBXAEEARwBVAEEAYwBnAEIAegBBAEcAawBBAGIAdwBCAHUAQQBDAEEAQQBUAEEAQgBoAEEASABRAEEAWgBRAEIAegBBAEgAUQBBAEMAZwBBAGsAQQBIAFEAQQBiAFEAQgB3AEEARgA4AEEAYwBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBEADAAQQBJAEEAQgBiAEEARgBNAEEAZQBRAEIAegBBAEgAUQBBAFoAUQBCAHQAQQBDADQAQQBSAFEAQgB1AEEASABZAEEAYQBRAEIAeQBBAEcAOABBAGIAZwBCAHQAQQBHAFUAQQBiAGcAQgAwAEEARgAwAEEATwBnAEEANgBBAEUAVQBBAGUAQQBCAHcAQQBHAEUAQQBiAGcAQgBrAEEARQBVAEEAYgBnAEIAMgBBAEcAawBBAGMAZwBCAHYAQQBHADQAQQBiAFEAQgBsAEEARwA0AEEAZABBAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEAYwB3AEEAbwBBAEMAYwBBAEoAUQBCAFUAQQBFAFUAQQBUAFEAQgBRAEEAQwBVAEEASgB3AEEAcABBAEEAbwBBAEoAQQBCADAAQQBHADAAQQBjAEEAQQBnAEEARAAwAEEASQBBAEIATwBBAEcAVQBBAGQAdwBBAHQAQQBFAGsAQQBkAEEAQgBsAEEARwAwAEEASQBBAEEAdABBAEYAUQBBAGUAUQBCAHcAQQBHAFUAQQBJAEEAQgBFAEEARwBrAEEAYwBnAEIAbABBAEcATQBBAGQAQQBCAHYAQQBIAEkAQQBlAFEAQQBnAEEAQwAwAEEAVQBBAEIAaABBAEgAUQBBAGEAQQBBAGcAQQBDAFEAQQBkAEEAQgB0AEEASABBAEEAWAB3AEIAdwBBAEcARQBBAGQAQQBCAG8AQQBDAEEAQQBMAFEAQgBPAEEARwBFAEEAYgBRAEIAbABBAEMAQQBBAEoAdwBCAGgAQQBHADQAQQBjAHcAQgBwAEEARwBJAEEAYgBBAEIAbABBAEMAMABBAGQAQQBCAHQAQQBIAEEAQQBMAFEAQQB4AEEARABZAEEATgBRAEEAMwBBAEQARQBBAE0AdwBBADIAQQBEAE0AQQBNAGcAQQB5AEEAQwA0AEEATgBRAEEAdABBAEQASQBBAE0AZwBBADQAQQBEAFUAQQBNAHcAQQA0AEEARABZAEEATgB3AEEAdwBBAEQAZwBBAE8AQQBBADAAQQBEAFkAQQBPAFEAQQB3AEEAQwBjAEEAQwBnAEIAWABBAEgASQBBAGEAUQBCADAAQQBHAFUAQQBMAFEAQgBQAEEASABVAEEAZABBAEIAdwBBAEgAVQBBAGQAQQBBAGcAQQBDADAAQQBTAFEAQgB1AEEASABBAEEAZABRAEIAMABBAEUAOABBAFkAZwBCAHEAQQBHAFUAQQBZAHcAQgAwAEEAQwBBAEEASgBBAEIAMABBAEcAMABBAGMAQQBBAHUAQQBFAFkAQQBkAFEAQgBzAEEARwB3AEEAVABnAEIAaABBAEcAMABBAFoAUQBBAEsAQQBFAGsAQQBaAGcAQQBnAEEAQwBnAEEATABRAEIAdQBBAEcAOABBAGQAQQBBAGcAQQBDAFEAQQBQAHcAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEUAawBBAFoAZwBBAGcAQQBDAGcAQQBSAHcAQgBsAEEASABRAEEATABRAEIAVwBBAEcARQBBAGMAZwBCAHAAQQBHAEUAQQBZAGcAQgBzAEEARwBVAEEASQBBAEIATQBBAEUARQBBAFUAdwBCAFUAQQBFAFUAQQBXAEEAQgBKAEEARgBRAEEAUQB3AEIAUABBAEUAUQBBAFIAUQBBAGcAQQBDADAAQQBSAFEAQgB5AEEASABJAEEAYgB3AEIAeQBBAEUARQBBAFkAdwBCADAAQQBHAGsAQQBiAHcAQgB1AEEAQwBBAEEAVQB3AEIAcABBAEcAdwBBAFoAUQBCAHUAQQBIAFEAQQBiAEEAQgA1AEEARQBNAEEAYgB3AEIAdQBBAEgAUQBBAGEAUQBCAHUAQQBIAFUAQQBaAFEAQQBwAEEAQwBBAEEAZQB3AEEAZwBBAEcAVQBBAGUAQQBCAHAAQQBIAFEAQQBJAEEAQQBrAEEARQB3AEEAUQBRAEIAVABBAEYAUQBBAFIAUQBCAFkAQQBFAGsAQQBWAEEAQgBEAEEARQA4AEEAUgBBAEIARgBBAEMAQQBBAGYAUQBBAGcAQQBFAFUAQQBiAEEAQgB6AEEARwBVAEEASQBBAEIANwBBAEMAQQBBAFoAUQBCADQAQQBHAGsAQQBkAEEAQQBnAEEARABFAEEASQBBAEIAOQBBAEMAQQBBAGYAUQBBAD0A
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 603 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b0eb292-1eb1-4618-828f-d6b5430b20ff
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=23319f7b-55b0-42b0-9122-28575ef9193d
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 602 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:42 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1c62da5c-6c88-42be-b646-abd2dadeae89
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b56c709d-0a84-43cf-a71a-0b4d9321423f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 601 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1c62da5c-6c88-42be-b646-abd2dadeae89
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 600 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1c62da5c-6c88-42be-b646-abd2dadeae89
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 599 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1c62da5c-6c88-42be-b646-abd2dadeae89
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 598 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1c62da5c-6c88-42be-b646-abd2dadeae89
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 597 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1c62da5c-6c88-42be-b646-abd2dadeae89
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 596 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1c62da5c-6c88-42be-b646-abd2dadeae89
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 595 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1c62da5c-6c88-42be-b646-abd2dadeae89
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 594 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1c62da5c-6c88-42be-b646-abd2dadeae89
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 593 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b0eb292-1eb1-4618-828f-d6b5430b20ff
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=23319f7b-55b0-42b0-9122-28575ef9193d
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 592 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b0eb292-1eb1-4618-828f-d6b5430b20ff
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 591 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b0eb292-1eb1-4618-828f-d6b5430b20ff
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 590 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b0eb292-1eb1-4618-828f-d6b5430b20ff
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 589 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b0eb292-1eb1-4618-828f-d6b5430b20ff
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 588 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b0eb292-1eb1-4618-828f-d6b5430b20ff
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 587 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0b0eb292-1eb1-4618-828f-d6b5430b20ff
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 586 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:41 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9c19198f-e138-4caa-bac9-bb9f7f4f89a5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b191a3a5-dacf-4664-9cdc-f42fd330d60c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 585 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ae84415d-62fe-41ef-8a5a-894d1c287f72
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f9d0c0a2-e5ec-4b63-86d6-2c176c487d0d
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 584 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ae84415d-62fe-41ef-8a5a-894d1c287f72
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 583 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ae84415d-62fe-41ef-8a5a-894d1c287f72
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 582 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ae84415d-62fe-41ef-8a5a-894d1c287f72
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 581 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ae84415d-62fe-41ef-8a5a-894d1c287f72
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 580 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ae84415d-62fe-41ef-8a5a-894d1c287f72
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 579 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ae84415d-62fe-41ef-8a5a-894d1c287f72
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 578 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ae84415d-62fe-41ef-8a5a-894d1c287f72
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 577 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ae84415d-62fe-41ef-8a5a-894d1c287f72
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 576 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9c19198f-e138-4caa-bac9-bb9f7f4f89a5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b191a3a5-dacf-4664-9cdc-f42fd330d60c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 575 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9c19198f-e138-4caa-bac9-bb9f7f4f89a5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 574 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9c19198f-e138-4caa-bac9-bb9f7f4f89a5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 573 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9c19198f-e138-4caa-bac9-bb9f7f4f89a5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 572 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9c19198f-e138-4caa-bac9-bb9f7f4f89a5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 571 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9c19198f-e138-4caa-bac9-bb9f7f4f89a5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 570 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9c19198f-e138-4caa-bac9-bb9f7f4f89a5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 569 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:39 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=33780dfa-9b3a-4a0e-9e47-824a4d2777c8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0af33c8c-d323-43cc-ad65-fbd348bf8b07
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 568 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $symlink_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=374000a3-01d0-4240-b47c-32703bc71506
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=5b9164e9-d800-4563-9ad6-c71a6c7590b2
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $symlink_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
namespace Ansible.Command {
public class SymLinkHelper {
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool DeleteFileW(string lpFileName);
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool RemoveDirectoryW(string lpPathName);
public static void DeleteDirectory(string path) {
if (!RemoveDirectoryW(path))
throw new Exception(String.Format("RemoveDirectoryW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
public static void DeleteFile(string path) {
if (!DeleteFileW(path))
throw new Exception(String.Format("DeleteFileW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 567 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=374000a3-01d0-4240-b47c-32703bc71506
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=5b9164e9-d800-4563-9ad6-c71a6c7590b2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 566 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=374000a3-01d0-4240-b47c-32703bc71506
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 565 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=374000a3-01d0-4240-b47c-32703bc71506
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 564 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=374000a3-01d0-4240-b47c-32703bc71506
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 563 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=374000a3-01d0-4240-b47c-32703bc71506
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 562 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=374000a3-01d0-4240-b47c-32703bc71506
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 561 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=374000a3-01d0-4240-b47c-32703bc71506
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 560 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=374000a3-01d0-4240-b47c-32703bc71506
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 559 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=374000a3-01d0-4240-b47c-32703bc71506
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 558 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:38 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=33780dfa-9b3a-4a0e-9e47-824a4d2777c8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0af33c8c-d323-43cc-ad65-fbd348bf8b07
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 557 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=33780dfa-9b3a-4a0e-9e47-824a4d2777c8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 556 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=33780dfa-9b3a-4a0e-9e47-824a4d2777c8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 555 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=33780dfa-9b3a-4a0e-9e47-824a4d2777c8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 554 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=33780dfa-9b3a-4a0e-9e47-824a4d2777c8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 553 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=33780dfa-9b3a-4a0e-9e47-824a4d2777c8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 552 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=33780dfa-9b3a-4a0e-9e47-824a4d2777c8
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 551 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2979e9b6-df84-470e-a990-a4bb2a00d9c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7ed537c0-3619-454b-8dc6-4ce643cff132
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 550 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0820360d-a1f5-495f-b2cc-83c97f4f9ccb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=37bada44-fe94-40f6-bd61-acabc68d37f8
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 549 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0820360d-a1f5-495f-b2cc-83c97f4f9ccb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 548 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0820360d-a1f5-495f-b2cc-83c97f4f9ccb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 547 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0820360d-a1f5-495f-b2cc-83c97f4f9ccb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 546 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0820360d-a1f5-495f-b2cc-83c97f4f9ccb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 545 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0820360d-a1f5-495f-b2cc-83c97f4f9ccb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 544 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0820360d-a1f5-495f-b2cc-83c97f4f9ccb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 543 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0820360d-a1f5-495f-b2cc-83c97f4f9ccb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 542 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0820360d-a1f5-495f-b2cc-83c97f4f9ccb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 541 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2979e9b6-df84-470e-a990-a4bb2a00d9c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7ed537c0-3619-454b-8dc6-4ce643cff132
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 540 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2979e9b6-df84-470e-a990-a4bb2a00d9c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 539 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2979e9b6-df84-470e-a990-a4bb2a00d9c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 538 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2979e9b6-df84-470e-a990-a4bb2a00d9c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 537 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2979e9b6-df84-470e-a990-a4bb2a00d9c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 536 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2979e9b6-df84-470e-a990-a4bb2a00d9c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 535 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2979e9b6-df84-470e-a990-a4bb2a00d9c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 534 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cf1325f0-d1ac-40f2-bf1f-73bebb26eb1a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=5b01b871-57b7-4a64-9514-7f799865712e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 533 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:34 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a1d839ff-4fc3-46a5-a8ea-7845479e1ce5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=2f72839c-5e2e-43bf-ad98-9c385604a890
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 532 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a1d839ff-4fc3-46a5-a8ea-7845479e1ce5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 531 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a1d839ff-4fc3-46a5-a8ea-7845479e1ce5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 530 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a1d839ff-4fc3-46a5-a8ea-7845479e1ce5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 529 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a1d839ff-4fc3-46a5-a8ea-7845479e1ce5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 528 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a1d839ff-4fc3-46a5-a8ea-7845479e1ce5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 527 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a1d839ff-4fc3-46a5-a8ea-7845479e1ce5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 526 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a1d839ff-4fc3-46a5-a8ea-7845479e1ce5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 525 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a1d839ff-4fc3-46a5-a8ea-7845479e1ce5
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 524 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:27 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cf1325f0-d1ac-40f2-bf1f-73bebb26eb1a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=5b01b871-57b7-4a64-9514-7f799865712e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 523 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cf1325f0-d1ac-40f2-bf1f-73bebb26eb1a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 522 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cf1325f0-d1ac-40f2-bf1f-73bebb26eb1a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 521 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cf1325f0-d1ac-40f2-bf1f-73bebb26eb1a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 520 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cf1325f0-d1ac-40f2-bf1f-73bebb26eb1a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 519 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cf1325f0-d1ac-40f2-bf1f-73bebb26eb1a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 518 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=cf1325f0-d1ac-40f2-bf1f-73bebb26eb1a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 517 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c183989f-6659-41f6-876b-56f9575a5f25
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0df1f8db-6b9d-4515-91e4-f5d63c222ce2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 516 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=37387059-f3dc-49a4-a2a6-608dea2cd61c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=1d519aba-f55f-4495-b7f7-ddd73f630476
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 515 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=37387059-f3dc-49a4-a2a6-608dea2cd61c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 514 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=37387059-f3dc-49a4-a2a6-608dea2cd61c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 513 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=37387059-f3dc-49a4-a2a6-608dea2cd61c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 512 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=37387059-f3dc-49a4-a2a6-608dea2cd61c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 511 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=37387059-f3dc-49a4-a2a6-608dea2cd61c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 510 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=37387059-f3dc-49a4-a2a6-608dea2cd61c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 509 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=37387059-f3dc-49a4-a2a6-608dea2cd61c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 508 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=37387059-f3dc-49a4-a2a6-608dea2cd61c
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 507 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c183989f-6659-41f6-876b-56f9575a5f25
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0df1f8db-6b9d-4515-91e4-f5d63c222ce2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 506 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c183989f-6659-41f6-876b-56f9575a5f25
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 505 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c183989f-6659-41f6-876b-56f9575a5f25
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 504 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c183989f-6659-41f6-876b-56f9575a5f25
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 503 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c183989f-6659-41f6-876b-56f9575a5f25
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 502 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c183989f-6659-41f6-876b-56f9575a5f25
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 501 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c183989f-6659-41f6-876b-56f9575a5f25
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 500 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:24 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5885bda9-22fa-406d-9de6-b33f09f5826a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=072bf821-1d20-4667-aa17-c40836a8bade
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 499 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0e59a628-1881-4f12-9ad4-ebb6d40a69df
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=22cad7a0-c307-4bc5-aac4-308c709884cd
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 498 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0e59a628-1881-4f12-9ad4-ebb6d40a69df
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 497 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0e59a628-1881-4f12-9ad4-ebb6d40a69df
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 496 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0e59a628-1881-4f12-9ad4-ebb6d40a69df
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 495 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0e59a628-1881-4f12-9ad4-ebb6d40a69df
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 494 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0e59a628-1881-4f12-9ad4-ebb6d40a69df
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 493 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0e59a628-1881-4f12-9ad4-ebb6d40a69df
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 492 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0e59a628-1881-4f12-9ad4-ebb6d40a69df
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 491 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=0e59a628-1881-4f12-9ad4-ebb6d40a69df
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 490 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5885bda9-22fa-406d-9de6-b33f09f5826a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=072bf821-1d20-4667-aa17-c40836a8bade
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 489 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5885bda9-22fa-406d-9de6-b33f09f5826a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 488 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5885bda9-22fa-406d-9de6-b33f09f5826a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 487 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5885bda9-22fa-406d-9de6-b33f09f5826a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 486 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5885bda9-22fa-406d-9de6-b33f09f5826a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 485 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5885bda9-22fa-406d-9de6-b33f09f5826a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 484 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5885bda9-22fa-406d-9de6-b33f09f5826a
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 483 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d1616d0e-6081-46ae-a69c-b14980eb4e26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=1f047179-3f24-4744-8590-cf42d4a93491
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 482 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=98021435-e70a-458a-be11-dcfdb51e7eed
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=1b6ce5f3-8627-45d7-80e0-0742e87f283e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 481 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=98021435-e70a-458a-be11-dcfdb51e7eed
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 480 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=98021435-e70a-458a-be11-dcfdb51e7eed
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 479 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=98021435-e70a-458a-be11-dcfdb51e7eed
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 478 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=98021435-e70a-458a-be11-dcfdb51e7eed
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 477 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=98021435-e70a-458a-be11-dcfdb51e7eed
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 476 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=98021435-e70a-458a-be11-dcfdb51e7eed
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 475 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=98021435-e70a-458a-be11-dcfdb51e7eed
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 474 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=98021435-e70a-458a-be11-dcfdb51e7eed
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 473 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d1616d0e-6081-46ae-a69c-b14980eb4e26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=1f047179-3f24-4744-8590-cf42d4a93491
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 472 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d1616d0e-6081-46ae-a69c-b14980eb4e26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 471 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d1616d0e-6081-46ae-a69c-b14980eb4e26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 470 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d1616d0e-6081-46ae-a69c-b14980eb4e26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 469 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d1616d0e-6081-46ae-a69c-b14980eb4e26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 468 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d1616d0e-6081-46ae-a69c-b14980eb4e26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 467 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=d1616d0e-6081-46ae-a69c-b14980eb4e26
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 466 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9ff5f158-c5d5-4866-81e0-f4656437b9ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=4b974333-ba2f-48f7-b13c-270109723829
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 465 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:19 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e0a42d7b-8fca-48b9-a2ae-fec3a6061ae3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=73f5c89b-e8f5-4f10-9281-904c5d4a1ed0
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 464 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e0a42d7b-8fca-48b9-a2ae-fec3a6061ae3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 463 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e0a42d7b-8fca-48b9-a2ae-fec3a6061ae3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 462 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e0a42d7b-8fca-48b9-a2ae-fec3a6061ae3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 461 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e0a42d7b-8fca-48b9-a2ae-fec3a6061ae3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 460 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e0a42d7b-8fca-48b9-a2ae-fec3a6061ae3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 459 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e0a42d7b-8fca-48b9-a2ae-fec3a6061ae3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 458 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e0a42d7b-8fca-48b9-a2ae-fec3a6061ae3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 457 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e0a42d7b-8fca-48b9-a2ae-fec3a6061ae3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 456 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9ff5f158-c5d5-4866-81e0-f4656437b9ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=4b974333-ba2f-48f7-b13c-270109723829
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 455 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9ff5f158-c5d5-4866-81e0-f4656437b9ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 454 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9ff5f158-c5d5-4866-81e0-f4656437b9ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 453 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9ff5f158-c5d5-4866-81e0-f4656437b9ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 452 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9ff5f158-c5d5-4866-81e0-f4656437b9ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 451 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9ff5f158-c5d5-4866-81e0-f4656437b9ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 450 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=9ff5f158-c5d5-4866-81e0-f4656437b9ba
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 449 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f0443154-b924-482a-a304-0a7c0216ffad
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=73451f32-a57b-46ab-9bb2-9d4cf1679cc4
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 448 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:14 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=33104008-3666-4951-b621-f12edd88ed4f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7f514fbb-b697-43be-95d0-13fa6efa61f6
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 447 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:10 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=33104008-3666-4951-b621-f12edd88ed4f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 446 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:10 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=33104008-3666-4951-b621-f12edd88ed4f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 445 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:10 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=33104008-3666-4951-b621-f12edd88ed4f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 444 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:10 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=33104008-3666-4951-b621-f12edd88ed4f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 443 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:10 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=33104008-3666-4951-b621-f12edd88ed4f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 442 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:10 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=33104008-3666-4951-b621-f12edd88ed4f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 441 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:10 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=33104008-3666-4951-b621-f12edd88ed4f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 440 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:10 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=33104008-3666-4951-b621-f12edd88ed4f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 439 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:10 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f0443154-b924-482a-a304-0a7c0216ffad
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=73451f32-a57b-46ab-9bb2-9d4cf1679cc4
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 438 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f0443154-b924-482a-a304-0a7c0216ffad
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 437 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f0443154-b924-482a-a304-0a7c0216ffad
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 436 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f0443154-b924-482a-a304-0a7c0216ffad
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 435 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f0443154-b924-482a-a304-0a7c0216ffad
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 434 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f0443154-b924-482a-a304-0a7c0216ffad
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 433 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f0443154-b924-482a-a304-0a7c0216ffad
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 432 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ef91676f-a1b9-4d68-b72d-43f044ba0dcf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=944847fa-a487-4005-872f-c0fcf5ec37ef
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 431 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $symlink_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f21b459a-10e0-4ed3-bf14-c76ebf10cff1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=239e1476-4d09-4b34-ac74-9844a5f8a9bd
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $symlink_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
namespace Ansible.Command {
public class SymLinkHelper {
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool DeleteFileW(string lpFileName);
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool RemoveDirectoryW(string lpPathName);
public static void DeleteDirectory(string path) {
if (!RemoveDirectoryW(path))
throw new Exception(String.Format("RemoveDirectoryW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
public static void DeleteFile(string path) {
if (!DeleteFileW(path))
throw new Exception(String.Format("DeleteFileW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 430 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:09 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f21b459a-10e0-4ed3-bf14-c76ebf10cff1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=239e1476-4d09-4b34-ac74-9844a5f8a9bd
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 429 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f21b459a-10e0-4ed3-bf14-c76ebf10cff1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 428 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f21b459a-10e0-4ed3-bf14-c76ebf10cff1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 427 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f21b459a-10e0-4ed3-bf14-c76ebf10cff1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 426 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f21b459a-10e0-4ed3-bf14-c76ebf10cff1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 425 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f21b459a-10e0-4ed3-bf14-c76ebf10cff1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 424 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f21b459a-10e0-4ed3-bf14-c76ebf10cff1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 423 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f21b459a-10e0-4ed3-bf14-c76ebf10cff1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 422 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f21b459a-10e0-4ed3-bf14-c76ebf10cff1
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 421 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ef91676f-a1b9-4d68-b72d-43f044ba0dcf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=944847fa-a487-4005-872f-c0fcf5ec37ef
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 420 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ef91676f-a1b9-4d68-b72d-43f044ba0dcf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 419 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ef91676f-a1b9-4d68-b72d-43f044ba0dcf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 418 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ef91676f-a1b9-4d68-b72d-43f044ba0dcf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 417 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ef91676f-a1b9-4d68-b72d-43f044ba0dcf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 416 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ef91676f-a1b9-4d68-b72d-43f044ba0dcf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 415 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ef91676f-a1b9-4d68-b72d-43f044ba0dcf
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 414 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:08 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2305ff75-e0ad-49a1-9213-c3e86b233522
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=febade66-2fbd-4ee5-bf28-794399f4a6dd
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 413 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $symlink_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=73523336-49e0-4876-bd45-67a800cfcedc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=c44ef9d4-05df-45b1-94cb-2ab3cf5b5d49
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $symlink_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
namespace Ansible.Command {
public class SymLinkHelper {
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool DeleteFileW(string lpFileName);
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool RemoveDirectoryW(string lpPathName);
public static void DeleteDirectory(string path) {
if (!RemoveDirectoryW(path))
throw new Exception(String.Format("RemoveDirectoryW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
public static void DeleteFile(string path) {
if (!DeleteFileW(path))
throw new Exception(String.Format("DeleteFileW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 412 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=73523336-49e0-4876-bd45-67a800cfcedc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=c44ef9d4-05df-45b1-94cb-2ab3cf5b5d49
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 411 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=73523336-49e0-4876-bd45-67a800cfcedc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 410 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=73523336-49e0-4876-bd45-67a800cfcedc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 409 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=73523336-49e0-4876-bd45-67a800cfcedc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 408 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=73523336-49e0-4876-bd45-67a800cfcedc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 407 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=73523336-49e0-4876-bd45-67a800cfcedc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 406 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=73523336-49e0-4876-bd45-67a800cfcedc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 405 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=73523336-49e0-4876-bd45-67a800cfcedc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 404 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=73523336-49e0-4876-bd45-67a800cfcedc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 403 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:07 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2305ff75-e0ad-49a1-9213-c3e86b233522
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=febade66-2fbd-4ee5-bf28-794399f4a6dd
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 402 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2305ff75-e0ad-49a1-9213-c3e86b233522
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 401 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2305ff75-e0ad-49a1-9213-c3e86b233522
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 400 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2305ff75-e0ad-49a1-9213-c3e86b233522
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 399 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2305ff75-e0ad-49a1-9213-c3e86b233522
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 398 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2305ff75-e0ad-49a1-9213-c3e86b233522
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 397 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2305ff75-e0ad-49a1-9213-c3e86b233522
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 396 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=67c376c7-83e6-41bb-80e5-b8341f32d009
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0aac8e5d-49aa-49c3-813e-78f54847c297
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 395 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $symlink_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a6782102-d585-4fc8-8d12-af0fa78e9042
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ad269117-acc1-4ee7-b3f5-801383731606
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $symlink_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
namespace Ansible.Command {
public class SymLinkHelper {
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool DeleteFileW(string lpFileName);
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool RemoveDirectoryW(string lpPathName);
public static void DeleteDirectory(string path) {
if (!RemoveDirectoryW(path))
throw new Exception(String.Format("RemoveDirectoryW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
public static void DeleteFile(string path) {
if (!DeleteFileW(path))
throw new Exception(String.Format("DeleteFileW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 394 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a6782102-d585-4fc8-8d12-af0fa78e9042
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ad269117-acc1-4ee7-b3f5-801383731606
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 393 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a6782102-d585-4fc8-8d12-af0fa78e9042
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 392 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a6782102-d585-4fc8-8d12-af0fa78e9042
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 391 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a6782102-d585-4fc8-8d12-af0fa78e9042
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 390 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a6782102-d585-4fc8-8d12-af0fa78e9042
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 389 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a6782102-d585-4fc8-8d12-af0fa78e9042
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 388 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a6782102-d585-4fc8-8d12-af0fa78e9042
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 387 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a6782102-d585-4fc8-8d12-af0fa78e9042
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 386 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a6782102-d585-4fc8-8d12-af0fa78e9042
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 385 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:06 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=67c376c7-83e6-41bb-80e5-b8341f32d009
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0aac8e5d-49aa-49c3-813e-78f54847c297
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 384 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=67c376c7-83e6-41bb-80e5-b8341f32d009
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 383 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=67c376c7-83e6-41bb-80e5-b8341f32d009
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 382 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=67c376c7-83e6-41bb-80e5-b8341f32d009
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 381 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=67c376c7-83e6-41bb-80e5-b8341f32d009
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 380 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=67c376c7-83e6-41bb-80e5-b8341f32d009
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 379 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=67c376c7-83e6-41bb-80e5-b8341f32d009
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 378 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f902815e-32d5-4e6c-98ab-dda021aa8337
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7ebf238f-2361-42b1-9809-31761c1e932e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 377 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $symlink_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4999ae11-fdfd-44cd-8b4d-5a4352a3c593
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=638a0cf3-c28b-421b-a513-ea670b24884c
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $symlink_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
namespace Ansible.Command {
public class SymLinkHelper {
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool DeleteFileW(string lpFileName);
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool RemoveDirectoryW(string lpPathName);
public static void DeleteDirectory(string path) {
if (!RemoveDirectoryW(path))
throw new Exception(String.Format("RemoveDirectoryW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
public static void DeleteFile(string path) {
if (!DeleteFileW(path))
throw new Exception(String.Format("DeleteFileW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 376 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:05 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4999ae11-fdfd-44cd-8b4d-5a4352a3c593
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=638a0cf3-c28b-421b-a513-ea670b24884c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 375 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4999ae11-fdfd-44cd-8b4d-5a4352a3c593
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 374 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4999ae11-fdfd-44cd-8b4d-5a4352a3c593
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 373 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4999ae11-fdfd-44cd-8b4d-5a4352a3c593
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 372 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4999ae11-fdfd-44cd-8b4d-5a4352a3c593
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 371 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4999ae11-fdfd-44cd-8b4d-5a4352a3c593
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 370 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4999ae11-fdfd-44cd-8b4d-5a4352a3c593
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 369 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4999ae11-fdfd-44cd-8b4d-5a4352a3c593
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 368 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=4999ae11-fdfd-44cd-8b4d-5a4352a3c593
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 367 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:04 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f902815e-32d5-4e6c-98ab-dda021aa8337
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7ebf238f-2361-42b1-9809-31761c1e932e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 366 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f902815e-32d5-4e6c-98ab-dda021aa8337
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 365 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f902815e-32d5-4e6c-98ab-dda021aa8337
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 364 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f902815e-32d5-4e6c-98ab-dda021aa8337
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 363 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f902815e-32d5-4e6c-98ab-dda021aa8337
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 362 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f902815e-32d5-4e6c-98ab-dda021aa8337
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 361 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=f902815e-32d5-4e6c-98ab-dda021aa8337
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 360 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ac9043b3-d6f9-4b3b-8a2a-973fff297aa9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=8c0581bc-5aa1-4dc4-93b1-d49669d3920b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 359 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $symlink_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e777ba8e-3389-4fc1-aa71-c5a665095e86
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d24a2a20-0680-45e3-854a-dfce3105ca3f
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $symlink_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
namespace Ansible.Command {
public class SymLinkHelper {
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool DeleteFileW(string lpFileName);
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool RemoveDirectoryW(string lpPathName);
public static void DeleteDirectory(string path) {
if (!RemoveDirectoryW(path))
throw new Exception(String.Format("RemoveDirectoryW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
public static void DeleteFile(string path) {
if (!DeleteFileW(path))
throw new Exception(String.Format("DeleteFileW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 358 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e777ba8e-3389-4fc1-aa71-c5a665095e86
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=d24a2a20-0680-45e3-854a-dfce3105ca3f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 357 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e777ba8e-3389-4fc1-aa71-c5a665095e86
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 356 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e777ba8e-3389-4fc1-aa71-c5a665095e86
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 355 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e777ba8e-3389-4fc1-aa71-c5a665095e86
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 354 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e777ba8e-3389-4fc1-aa71-c5a665095e86
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 353 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e777ba8e-3389-4fc1-aa71-c5a665095e86
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 352 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e777ba8e-3389-4fc1-aa71-c5a665095e86
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 351 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e777ba8e-3389-4fc1-aa71-c5a665095e86
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 350 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e777ba8e-3389-4fc1-aa71-c5a665095e86
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 349 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:03 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ac9043b3-d6f9-4b3b-8a2a-973fff297aa9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=8c0581bc-5aa1-4dc4-93b1-d49669d3920b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 348 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ac9043b3-d6f9-4b3b-8a2a-973fff297aa9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 347 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ac9043b3-d6f9-4b3b-8a2a-973fff297aa9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 346 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ac9043b3-d6f9-4b3b-8a2a-973fff297aa9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 345 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ac9043b3-d6f9-4b3b-8a2a-973fff297aa9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 344 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ac9043b3-d6f9-4b3b-8a2a-973fff297aa9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 343 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ac9043b3-d6f9-4b3b-8a2a-973fff297aa9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 342 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6802def9-4d7e-4619-80c8-1d7a719d0fd7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=62ebad40-7273-4b53-8886-cf58a40b266e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 341 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $symlink_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8da8b754-24b1-4e88-93e1-1e434ef8c03d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=fd02c244-ef21-400f-92ea-a3a740c356c5
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $symlink_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
namespace Ansible.Command {
public class SymLinkHelper {
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool DeleteFileW(string lpFileName);
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool RemoveDirectoryW(string lpPathName);
public static void DeleteDirectory(string path) {
if (!RemoveDirectoryW(path))
throw new Exception(String.Format("RemoveDirectoryW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
public static void DeleteFile(string path) {
if (!DeleteFileW(path))
throw new Exception(String.Format("DeleteFileW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 340 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:02 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8da8b754-24b1-4e88-93e1-1e434ef8c03d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=fd02c244-ef21-400f-92ea-a3a740c356c5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 339 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8da8b754-24b1-4e88-93e1-1e434ef8c03d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 338 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8da8b754-24b1-4e88-93e1-1e434ef8c03d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 337 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8da8b754-24b1-4e88-93e1-1e434ef8c03d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 336 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8da8b754-24b1-4e88-93e1-1e434ef8c03d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 335 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8da8b754-24b1-4e88-93e1-1e434ef8c03d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 334 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8da8b754-24b1-4e88-93e1-1e434ef8c03d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 333 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8da8b754-24b1-4e88-93e1-1e434ef8c03d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 332 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=8da8b754-24b1-4e88-93e1-1e434ef8c03d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 331 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6802def9-4d7e-4619-80c8-1d7a719d0fd7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=62ebad40-7273-4b53-8886-cf58a40b266e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 330 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6802def9-4d7e-4619-80c8-1d7a719d0fd7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 329 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6802def9-4d7e-4619-80c8-1d7a719d0fd7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 328 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6802def9-4d7e-4619-80c8-1d7a719d0fd7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 327 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6802def9-4d7e-4619-80c8-1d7a719d0fd7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 326 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6802def9-4d7e-4619-80c8-1d7a719d0fd7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 325 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6802def9-4d7e-4619-80c8-1d7a719d0fd7
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 324 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:01 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1dded6f7-d0c9-4050-b18e-82f1da7166c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=76dc1881-15ac-4536-a554-7b54439924ac
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 323 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $symlink_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1f3fe209-8c7c-4fe5-818f-9bf70767137e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b0ba32f9-3d60-4bba-aaf0-d38d0563118c
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $symlink_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
namespace Ansible.Command {
public class SymLinkHelper {
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool DeleteFileW(string lpFileName);
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool RemoveDirectoryW(string lpPathName);
public static void DeleteDirectory(string path) {
if (!RemoveDirectoryW(path))
throw new Exception(String.Format("RemoveDirectoryW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
public static void DeleteFile(string path) {
if (!DeleteFileW(path))
throw new Exception(String.Format("DeleteFileW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 322 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1f3fe209-8c7c-4fe5-818f-9bf70767137e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b0ba32f9-3d60-4bba-aaf0-d38d0563118c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 321 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1f3fe209-8c7c-4fe5-818f-9bf70767137e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 320 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1f3fe209-8c7c-4fe5-818f-9bf70767137e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 319 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1f3fe209-8c7c-4fe5-818f-9bf70767137e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 318 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1f3fe209-8c7c-4fe5-818f-9bf70767137e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 317 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1f3fe209-8c7c-4fe5-818f-9bf70767137e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 316 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1f3fe209-8c7c-4fe5-818f-9bf70767137e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 315 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1f3fe209-8c7c-4fe5-818f-9bf70767137e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 314 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=1f3fe209-8c7c-4fe5-818f-9bf70767137e
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 313 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:38:00 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1dded6f7-d0c9-4050-b18e-82f1da7166c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=76dc1881-15ac-4536-a554-7b54439924ac
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 312 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1dded6f7-d0c9-4050-b18e-82f1da7166c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 311 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1dded6f7-d0c9-4050-b18e-82f1da7166c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 310 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1dded6f7-d0c9-4050-b18e-82f1da7166c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 309 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1dded6f7-d0c9-4050-b18e-82f1da7166c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 308 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1dded6f7-d0c9-4050-b18e-82f1da7166c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 307 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=1dded6f7-d0c9-4050-b18e-82f1da7166c4
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 306 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=83725872-47ed-44e9-9b70-c009fc9787fb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ce672e5b-3977-4135-8bd0-3440f6ffab9e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 305 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $symlink_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=632891ac-7753-437f-8dd5-eed659de61dc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0d1e7b30-d97e-4c89-b7f0-7b20ae041dc9
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $symlink_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
namespace Ansible.Command {
public class SymLinkHelper {
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool DeleteFileW(string lpFileName);
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool RemoveDirectoryW(string lpPathName);
public static void DeleteDirectory(string path) {
if (!RemoveDirectoryW(path))
throw new Exception(String.Format("RemoveDirectoryW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
public static void DeleteFile(string path) {
if (!DeleteFileW(path))
throw new Exception(String.Format("DeleteFileW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 304 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=632891ac-7753-437f-8dd5-eed659de61dc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0d1e7b30-d97e-4c89-b7f0-7b20ae041dc9
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 303 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=632891ac-7753-437f-8dd5-eed659de61dc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 302 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=632891ac-7753-437f-8dd5-eed659de61dc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 301 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=632891ac-7753-437f-8dd5-eed659de61dc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 300 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=632891ac-7753-437f-8dd5-eed659de61dc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 299 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=632891ac-7753-437f-8dd5-eed659de61dc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 298 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=632891ac-7753-437f-8dd5-eed659de61dc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 297 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=632891ac-7753-437f-8dd5-eed659de61dc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 296 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=632891ac-7753-437f-8dd5-eed659de61dc
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 295 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:59 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=83725872-47ed-44e9-9b70-c009fc9787fb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=ce672e5b-3977-4135-8bd0-3440f6ffab9e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 294 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=83725872-47ed-44e9-9b70-c009fc9787fb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 293 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=83725872-47ed-44e9-9b70-c009fc9787fb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 292 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=83725872-47ed-44e9-9b70-c009fc9787fb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 291 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=83725872-47ed-44e9-9b70-c009fc9787fb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 290 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=83725872-47ed-44e9-9b70-c009fc9787fb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 289 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=83725872-47ed-44e9-9b70-c009fc9787fb
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 288 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0a8da832-3b4d-45f2-9099-32e1dec9f2ff
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=8a45cf1f-5769-4ff9-be83-68904175b1ce
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 287 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $symlink_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=35d9ee3d-b4c1-4bdb-8a43-6da2762b4a12
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0a680c5c-e583-4479-91ed-cef8a68d5376
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $symlink_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
namespace Ansible.Command {
public class SymLinkHelper {
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool DeleteFileW(string lpFileName);
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool RemoveDirectoryW(string lpPathName);
public static void DeleteDirectory(string path) {
if (!RemoveDirectoryW(path))
throw new Exception(String.Format("RemoveDirectoryW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
public static void DeleteFile(string path) {
if (!DeleteFileW(path))
throw new Exception(String.Format("DeleteFileW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 286 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:58 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=35d9ee3d-b4c1-4bdb-8a43-6da2762b4a12
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=0a680c5c-e583-4479-91ed-cef8a68d5376
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 285 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=35d9ee3d-b4c1-4bdb-8a43-6da2762b4a12
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 284 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=35d9ee3d-b4c1-4bdb-8a43-6da2762b4a12
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 283 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=35d9ee3d-b4c1-4bdb-8a43-6da2762b4a12
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 282 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=35d9ee3d-b4c1-4bdb-8a43-6da2762b4a12
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 281 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=35d9ee3d-b4c1-4bdb-8a43-6da2762b4a12
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 280 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=35d9ee3d-b4c1-4bdb-8a43-6da2762b4a12
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 279 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=35d9ee3d-b4c1-4bdb-8a43-6da2762b4a12
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 278 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=35d9ee3d-b4c1-4bdb-8a43-6da2762b4a12
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 277 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:57 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0a8da832-3b4d-45f2-9099-32e1dec9f2ff
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=8a45cf1f-5769-4ff9-be83-68904175b1ce
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 276 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0a8da832-3b4d-45f2-9099-32e1dec9f2ff
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 275 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0a8da832-3b4d-45f2-9099-32e1dec9f2ff
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 274 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0a8da832-3b4d-45f2-9099-32e1dec9f2ff
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 273 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0a8da832-3b4d-45f2-9099-32e1dec9f2ff
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 272 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0a8da832-3b4d-45f2-9099-32e1dec9f2ff
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 271 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=0a8da832-3b4d-45f2-9099-32e1dec9f2ff
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 270 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=908839a6-713a-4d68-9839-52f018e07b43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=dfd3da91-0ffa-490d-b3ab-fbafa8a5346b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 269 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $symlink_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9738ae9-c30d-4819-a70e-5b4949fb5ad0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7f5b2b55-8045-4b18-8e3a-daa84a3fe896
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $symlink_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
namespace Ansible.Command {
public class SymLinkHelper {
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool DeleteFileW(string lpFileName);
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool RemoveDirectoryW(string lpPathName);
public static void DeleteDirectory(string path) {
if (!RemoveDirectoryW(path))
throw new Exception(String.Format("RemoveDirectoryW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
public static void DeleteFile(string path) {
if (!DeleteFileW(path))
throw new Exception(String.Format("DeleteFileW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 268 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9738ae9-c30d-4819-a70e-5b4949fb5ad0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7f5b2b55-8045-4b18-8e3a-daa84a3fe896
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 267 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9738ae9-c30d-4819-a70e-5b4949fb5ad0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 266 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9738ae9-c30d-4819-a70e-5b4949fb5ad0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 265 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9738ae9-c30d-4819-a70e-5b4949fb5ad0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 264 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9738ae9-c30d-4819-a70e-5b4949fb5ad0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 263 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9738ae9-c30d-4819-a70e-5b4949fb5ad0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 262 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9738ae9-c30d-4819-a70e-5b4949fb5ad0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 261 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9738ae9-c30d-4819-a70e-5b4949fb5ad0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 260 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f9738ae9-c30d-4819-a70e-5b4949fb5ad0
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 259 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:56 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=908839a6-713a-4d68-9839-52f018e07b43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=dfd3da91-0ffa-490d-b3ab-fbafa8a5346b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 258 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=908839a6-713a-4d68-9839-52f018e07b43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 257 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=908839a6-713a-4d68-9839-52f018e07b43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 256 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=908839a6-713a-4d68-9839-52f018e07b43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 255 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=908839a6-713a-4d68-9839-52f018e07b43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 254 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=908839a6-713a-4d68-9839-52f018e07b43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 253 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=908839a6-713a-4d68-9839-52f018e07b43
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 252 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c0e5070b-0641-490c-8d0b-e9df892abd9d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b57176dd-cf8b-45b9-8ae4-45be222314cd
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 251 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $symlink_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=715ae39e-3ba7-4457-9d48-bcd814434ad3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=11d65940-d90d-4f08-87b2-31ab13375639
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $symlink_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
namespace Ansible.Command {
public class SymLinkHelper {
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool DeleteFileW(string lpFileName);
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool RemoveDirectoryW(string lpPathName);
public static void DeleteDirectory(string path) {
if (!RemoveDirectoryW(path))
throw new Exception(String.Format("RemoveDirectoryW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
public static void DeleteFile(string path) {
if (!DeleteFileW(path))
throw new Exception(String.Format("DeleteFileW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 250 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:55 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=715ae39e-3ba7-4457-9d48-bcd814434ad3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=11d65940-d90d-4f08-87b2-31ab13375639
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 249 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=715ae39e-3ba7-4457-9d48-bcd814434ad3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 248 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=715ae39e-3ba7-4457-9d48-bcd814434ad3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 247 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=715ae39e-3ba7-4457-9d48-bcd814434ad3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 246 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=715ae39e-3ba7-4457-9d48-bcd814434ad3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 245 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=715ae39e-3ba7-4457-9d48-bcd814434ad3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 244 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=715ae39e-3ba7-4457-9d48-bcd814434ad3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 243 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=715ae39e-3ba7-4457-9d48-bcd814434ad3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 242 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=715ae39e-3ba7-4457-9d48-bcd814434ad3
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 241 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c0e5070b-0641-490c-8d0b-e9df892abd9d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=b57176dd-cf8b-45b9-8ae4-45be222314cd
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 240 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c0e5070b-0641-490c-8d0b-e9df892abd9d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 239 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c0e5070b-0641-490c-8d0b-e9df892abd9d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 238 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c0e5070b-0641-490c-8d0b-e9df892abd9d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 237 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c0e5070b-0641-490c-8d0b-e9df892abd9d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 236 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c0e5070b-0641-490c-8d0b-e9df892abd9d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 235 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c0e5070b-0641-490c-8d0b-e9df892abd9d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 234 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:54 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=07a8dbbf-4f7c-4ebc-85e4-03eb5261f42f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=81eb6eb7-ec92-4f2b-a291-248fa620f30c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 233 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $symlink_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca8331bf-ecbb-49d9-9c70-7dd88c55e403
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=326f6d8e-2fc8-49bb-8b96-8dd85bf43e31
PipelineId=5
ScriptName=
CommandLine=Add-Type -TypeDefinition $symlink_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
namespace Ansible.Command {
public class SymLinkHelper {
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool DeleteFileW(string lpFileName);
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern bool RemoveDirectoryW(string lpPathName);
public static void DeleteDirectory(string path) {
if (!RemoveDirectoryW(path))
throw new Exception(String.Format("RemoveDirectoryW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
public static void DeleteFile(string path) {
if (!DeleteFileW(path))
throw new Exception(String.Format("DeleteFileW({0}) failed: {1}", path, new Win32Exception(Marshal.GetLastWin32Error()).Message));
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 232 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca8331bf-ecbb-49d9-9c70-7dd88c55e403
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=326f6d8e-2fc8-49bb-8b96-8dd85bf43e31
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 231 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca8331bf-ecbb-49d9-9c70-7dd88c55e403
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 230 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca8331bf-ecbb-49d9-9c70-7dd88c55e403
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 229 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca8331bf-ecbb-49d9-9c70-7dd88c55e403
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 228 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca8331bf-ecbb-49d9-9c70-7dd88c55e403
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 227 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca8331bf-ecbb-49d9-9c70-7dd88c55e403
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 226 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca8331bf-ecbb-49d9-9c70-7dd88c55e403
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 225 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca8331bf-ecbb-49d9-9c70-7dd88c55e403
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 224 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca8331bf-ecbb-49d9-9c70-7dd88c55e403
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 223 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:53 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=07a8dbbf-4f7c-4ebc-85e4-03eb5261f42f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=81eb6eb7-ec92-4f2b-a291-248fa620f30c
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 222 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=07a8dbbf-4f7c-4ebc-85e4-03eb5261f42f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 221 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=07a8dbbf-4f7c-4ebc-85e4-03eb5261f42f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 220 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=07a8dbbf-4f7c-4ebc-85e4-03eb5261f42f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 219 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=07a8dbbf-4f7c-4ebc-85e4-03eb5261f42f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 218 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=07a8dbbf-4f7c-4ebc-85e4-03eb5261f42f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 217 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=07a8dbbf-4f7c-4ebc-85e4-03eb5261f42f
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 216 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:52 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=35
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5cbe7214-d481-489c-8faa-6f429f946552
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=fdbfacbf-886a-4839-afdd-17d9fe2aae5b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 215 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7f5b2bfb-6601-4967-ae35-5628a443dd10
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABuAGUAdAAgAHUAcwBlAHIAIABhAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByACAAUABhAHMAcwB3ADAAcgBkAA==
EngineVersion=5.1.14393.1944
RunspaceId=632d32ab-d584-4361-9275-e74cac109bf2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 214 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7f5b2bfb-6601-4967-ae35-5628a443dd10
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABuAGUAdAAgAHUAcwBlAHIAIABhAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByACAAUABhAHMAcwB3ADAAcgBkAA==
EngineVersion=5.1.14393.1944
RunspaceId=632d32ab-d584-4361-9275-e74cac109bf2
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 213 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7f5b2bfb-6601-4967-ae35-5628a443dd10
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABuAGUAdAAgAHUAcwBlAHIAIABhAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByACAAUABhAHMAcwB3ADAAcgBkAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 212 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7f5b2bfb-6601-4967-ae35-5628a443dd10
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABuAGUAdAAgAHUAcwBlAHIAIABhAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByACAAUABhAHMAcwB3ADAAcgBkAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 211 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7f5b2bfb-6601-4967-ae35-5628a443dd10
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABuAGUAdAAgAHUAcwBlAHIAIABhAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByACAAUABhAHMAcwB3ADAAcgBkAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 210 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7f5b2bfb-6601-4967-ae35-5628a443dd10
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABuAGUAdAAgAHUAcwBlAHIAIABhAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByACAAUABhAHMAcwB3ADAAcgBkAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 209 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7f5b2bfb-6601-4967-ae35-5628a443dd10
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABuAGUAdAAgAHUAcwBlAHIAIABhAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByACAAUABhAHMAcwB3ADAAcgBkAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 208 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7f5b2bfb-6601-4967-ae35-5628a443dd10
HostApplication=powershell.exe -noninteractive -encodedcommand WwBDAG8AbgBzAG8AbABlAF0AOgA6AEkAbgBwAHUAdABFAG4AYwBvAGQAaQBuAGcAIAA9ACAATgBlAHcALQBPAGIAagBlAGMAdAAgAFQAZQB4AHQALgBVAFQARgA4AEUAbgBjAG8AZABpAG4AZwAgACQAZgBhAGwAcwBlADsAIABuAGUAdAAgAHUAcwBlAHIAIABhAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByACAAUABhAHMAcwB3ADAAcgBkAA==
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 207 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:51 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $process_util
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=33
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e7f5f0cb-e5fb-4b04-b4f6-d08ee3cb01c9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7072f27e-8e22-4034-bc89-86def3ca9277
PipelineId=7
ScriptName=
CommandLine= Add-Type -TypeDefinition $process_util
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using Microsoft.Win32.SafeHandles;
using System;
using System.Collections;
using System.IO;
using System.Linq;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
namespace Ansible
{
[StructLayout(LayoutKind.Sequential)]
public class SECURITY_ATTRIBUTES
{
public int nLength;
public IntPtr lpSecurityDescriptor;
public bool bInheritHandle = false;
public SECURITY_ATTRIBUTES()
{
nLength = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFO
{
public Int32 cb;
public IntPtr lpReserved;
public IntPtr lpDesktop;
public IntPtr lpTitle;
public Int32 dwX;
public Int32 dwY;
public Int32 dwXSize;
public Int32 dwYSize;
public Int32 dwXCountChars;
public Int32 dwYCountChars;
public Int32 dwFillAttribute;
public Int32 dwFlags;
public Int16 wShowWindow;
public Int16 cbReserved2;
public IntPtr lpReserved2;
public SafeFileHandle hStdInput;
public SafeFileHandle hStdOutput;
public SafeFileHandle hStdError;
public STARTUPINFO()
{
cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public class STARTUPINFOEX
{
public STARTUPINFO startupInfo;
public IntPtr lpAttributeList;
public STARTUPINFOEX()
{
startupInfo = new STARTUPINFO();
startupInfo.cb = Marshal.SizeOf(this);
}
}
[StructLayout(LayoutKind.Sequential)]
public struct PROCESS_INFORMATION
{
public IntPtr hProcess;
public IntPtr hThread;
public int dwProcessId;
public int dwThreadId;
}
[Flags]
public enum StartupInfoFlags : uint
{
USESTDHANDLES = 0x00000100
}
public enum HandleFlags : uint
{
None = 0,
INHERIT = 1
}
class NativeWaitHandle : WaitHandle
{
public NativeWaitHandle(IntPtr handle)
{
this.SafeWaitHandle = new SafeWaitHandle(handle, false);
}
}
public class Win32Exception : System.ComponentModel.Win32Exception
{
private string _msg;
public Win32Exception(string message) : this(Marshal.GetLastWin32Error(), message) { }
public Win32Exception(int errorCode, string message) : base(errorCode)
{
_msg = String.Format("{0} ({1}, Win32ErrorCode {2})", message, base.Message, errorCode);
}
public override string Message { get { return _msg; } }
public static explicit operator Win32Exception(string message) { return new Win32Exception(message); }
}
public class CommandUtil
{
private static UInt32 CREATE_UNICODE_ENVIRONMENT = 0x000000400;
private static UInt32 EXTENDED_STARTUPINFO_PRESENT = 0x00080000;
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode, BestFitMapping = false)]
public static extern bool CreateProcess(
[MarshalAs(UnmanagedType.LPWStr)]
string lpApplicationName,
StringBuilder lpCommandLine,
IntPtr lpProcessAttributes,
IntPtr lpThreadAttributes,
bool bInheritHandles,
uint dwCreationFlags,
IntPtr lpEnvironment,
[MarshalAs(UnmanagedType.LPWStr)]
string lpCurrentDirectory,
STARTUPINFOEX lpStartupInfo,
out PROCESS_INFORMATION lpProcessInformation);
[DllImport("kernel32.dll")]
public static extern bool CreatePipe(
out SafeFileHandle hReadPipe,
out SafeFileHandle hWritePipe,
SECURITY_ATTRIBUTES lpPipeAttributes,
uint nSize);
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetHandleInformation(
SafeFileHandle hObject,
HandleFlags dwMask,
int dwFlags);
[DllImport("kernel32.dll", SetLastError = true)]
private static extern bool GetExitCodeProcess(
IntPtr hProcess,
out uint lpExitCode);
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern uint SearchPath(
string lpPath,
string lpFileName,
string lpExtension,
int nBufferLength,
[MarshalAs (UnmanagedType.LPTStr)]
StringBuilder lpBuffer,
out IntPtr lpFilePart);
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW(
[MarshalAs(UnmanagedType.LPWStr)]
string lpCmdLine,
out int pNumArgs);
public static string[] ParseCommandLine(string lpCommandLine)
{
int numArgs;
IntPtr ret = CommandLineToArgvW(lpCommandLine, out numArgs);
if (ret == IntPtr.Zero)
throw new Win32Exception("Error parsing command line");
IntPtr[] strptrs = new IntPtr[numArgs];
Marshal.Copy(ret, strptrs, 0, numArgs);
string[] cmdlineParts = strptrs.Select(s => Marshal.PtrToStringUni(s)).ToArray();
Marshal.FreeHGlobal(ret);
return cmdlineParts;
}
public static string SearchPath(string lpFileName)
{
StringBuilder sbOut = new StringBuilder(1024);
IntPtr filePartOut;
if (SearchPath(null, lpFileName, null, sbOut.Capacity, sbOut, out filePartOut) == 0)
throw new FileNotFoundException(String.Format("Could not locate the following executable {0}", lpFileName));
return sbOut.ToString();
}
public class CommandResult
{
public string StandardOut { get; internal set; }
public string StandardError { get; internal set; }
public uint ExitCode { get; internal set; }
}
public static CommandResult RunCommand(string lpApplicationName, string lpCommandLine, string lpCurrentDirectory, string stdinInput, IDictionary environment)
{
UInt32 startup_flags = CREATE_UNICODE_ENVIRONMENT | EXTENDED_STARTUPINFO_PRESENT;
STARTUPINFOEX si = new STARTUPINFOEX();
si.startupInfo.dwFlags = (int)StartupInfoFlags.USESTDHANDLES;
SECURITY_ATTRIBUTES pipesec = new SECURITY_ATTRIBUTES();
pipesec.bInheritHandle = true;
// Create the stdout, stderr and stdin pipes used in the process and add to the startupInfo
SafeFileHandle stdout_read, stdout_write, stderr_read, stderr_write, stdin_read, stdin_write;
if (!CreatePipe(out stdout_read, out stdout_write, pipesec, 0))
throw new Win32Exception("STDOUT pipe setup failed");
if (!SetHandleInformation(stdout_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDOUT pipe handle setup failed");
if (!CreatePipe(out stderr_read, out stderr_write, pipesec, 0))
throw new Win32Exception("STDERR pipe setup failed");
if (!SetHandleInformation(stderr_read, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDERR pipe handle setup failed");
if (!CreatePipe(out stdin_read, out stdin_write, pipesec, 0))
throw new Win32Exception("STDIN pipe setup failed");
if (!SetHandleInformation(stdin_write, HandleFlags.INHERIT, 0))
throw new Win32Exception("STDIN pipe handle setup failed");
si.startupInfo.hStdOutput = stdout_write;
si.startupInfo.hStdError = stderr_write;
si.startupInfo.hStdInput = stdin_read;
// Setup the stdin buffer
UTF8Encoding utf8_encoding = new UTF8Encoding(false);
FileStream stdin_fs = new FileStream(stdin_write, FileAccess.Write, 32768);
StreamWriter stdin = new StreamWriter(stdin_fs, utf8_encoding, 32768);
// If lpCurrentDirectory is set to null in PS it will be an empty
// string here, we need to convert it
if (lpCurrentDirectory == "")
lpCurrentDirectory = null;
StringBuilder environmentString = null;
if (environment != null && environment.Count > 0)
{
environmentString = new StringBuilder();
foreach (DictionaryEntry kv in environment)
environmentString.AppendFormat("{0}={1}\0", kv.Key, kv.Value);
environmentString.Append('\0');
}
// Create the environment block if set
IntPtr lpEnvironment = IntPtr.Zero;
if (environmentString != null)
lpEnvironment = Marshal.StringToHGlobalUni(environmentString.ToString());
// Create new process and run
StringBuilder argument_string = new StringBuilder(lpCommandLine);
PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
if (!CreateProcess(
lpApplicationName,
argument_string,
IntPtr.Zero,
IntPtr.Zero,
true,
startup_flags,
lpEnvironment,
lpCurrentDirectory,
si,
out pi))
{
throw new Win32Exception("Failed to create new process");
}
// Setup the output buffers and get stdout/stderr
FileStream stdout_fs = new FileStream(stdout_read, FileAccess.Read, 4096);
StreamReader stdout = new StreamReader(stdout_fs, utf8_encoding, true, 4096);
stdout_write.Close();
FileStream stderr_fs = new FileStream(stderr_read, FileAccess.Read, 4096);
StreamReader stderr = new StreamReader(stderr_fs, utf8_encoding, true, 4096);
stderr_write.Close();
stdin.WriteLine(stdinInput);
stdin.Close();
string stdout_str, stderr_str = null;
GetProcessOutput(stdout, stderr, out stdout_str, out stderr_str);
uint rc = GetProcessExitCode(pi.hProcess);
return new CommandResult
{
StandardOut = stdout_str,
StandardError = stderr_str,
ExitCode = rc
};
}
private static void GetProcessOutput(StreamReader stdoutStream, StreamReader stderrStream, out string stdout, out string stderr)
{
var sowait = new EventWaitHandle(false, EventResetMode.ManualReset);
var sewait = new EventWaitHandle(false, EventResetMode.ManualReset);
string so = null, se = null;
ThreadPool.QueueUserWorkItem((s) =>
{
so = stdoutStream.ReadToEnd();
sowait.Set();
});
ThreadPool.QueueUserWorkItem((s) =>
{
se = stderrStream.ReadToEnd();
sewait.Set();
});
foreach (var wh in new WaitHandle[] { sowait, sewait })
wh.WaitOne();
stdout = so;
stderr = se;
}
private static uint GetProcessExitCode(IntPtr processHandle)
{
new NativeWaitHandle(processHandle).WaitOne();
uint exitCode;
if (!GetExitCodeProcess(processHandle, out exitCode))
throw new Win32Exception("Error getting process exit code");
return exitCode;
}
}
}"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 206 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:50 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e7f5f0cb-e5fb-4b04-b4f6-d08ee3cb01c9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=7072f27e-8e22-4034-bc89-86def3ca9277
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 205 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e7f5f0cb-e5fb-4b04-b4f6-d08ee3cb01c9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 204 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e7f5f0cb-e5fb-4b04-b4f6-d08ee3cb01c9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 203 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e7f5f0cb-e5fb-4b04-b4f6-d08ee3cb01c9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 202 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e7f5f0cb-e5fb-4b04-b4f6-d08ee3cb01c9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 201 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e7f5f0cb-e5fb-4b04-b4f6-d08ee3cb01c9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 200 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e7f5f0cb-e5fb-4b04-b4f6-d08ee3cb01c9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 199 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e7f5f0cb-e5fb-4b04-b4f6-d08ee3cb01c9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 198 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=e7f5f0cb-e5fb-4b04-b4f6-d08ee3cb01c9
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 197 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5cbe7214-d481-489c-8faa-6f429f946552
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=fdbfacbf-886a-4839-afdd-17d9fe2aae5b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 196 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5cbe7214-d481-489c-8faa-6f429f946552
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 195 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5cbe7214-d481-489c-8faa-6f429f946552
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 194 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5cbe7214-d481-489c-8faa-6f429f946552
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 193 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5cbe7214-d481-489c-8faa-6f429f946552
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 192 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5cbe7214-d481-489c-8faa-6f429f946552
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 191 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=5cbe7214-d481-489c-8faa-6f429f946552
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 190 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=36
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6e797d0d-225e-4e93-948a-dab2d9d1e564
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=aef3be31-1d8e-4ad6-a5ae-31558916480d
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 189 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:45 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -AssemblyName System.DirectoryServices.AccountManagement
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=34
UserId=HV-CINDER-84889\Admin
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a667a2af-c01e-44e8-889b-456833efe5ea
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=9b5cd749-f212-4ed9-b63b-55decfe6ff55
PipelineId=5
ScriptName=
CommandLine= Add-Type -AssemblyName System.DirectoryServices.AccountManagement
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="AssemblyName"; value="System.DirectoryServices.AccountManagement"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 188 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:40 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a667a2af-c01e-44e8-889b-456833efe5ea
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=9b5cd749-f212-4ed9-b63b-55decfe6ff55
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 187 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a667a2af-c01e-44e8-889b-456833efe5ea
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 186 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a667a2af-c01e-44e8-889b-456833efe5ea
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 185 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a667a2af-c01e-44e8-889b-456833efe5ea
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 184 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a667a2af-c01e-44e8-889b-456833efe5ea
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 183 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a667a2af-c01e-44e8-889b-456833efe5ea
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 182 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a667a2af-c01e-44e8-889b-456833efe5ea
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 181 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a667a2af-c01e-44e8-889b-456833efe5ea
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 180 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=a667a2af-c01e-44e8-889b-456833efe5ea
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 179 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:32 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6e797d0d-225e-4e93-948a-dab2d9d1e564
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=aef3be31-1d8e-4ad6-a5ae-31558916480d
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 178 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6e797d0d-225e-4e93-948a-dab2d9d1e564
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 177 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6e797d0d-225e-4e93-948a-dab2d9d1e564
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 176 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6e797d0d-225e-4e93-948a-dab2d9d1e564
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 175 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6e797d0d-225e-4e93-948a-dab2d9d1e564
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 174 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6e797d0d-225e-4e93-948a-dab2d9d1e564
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 173 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=6e797d0d-225e-4e93-948a-dab2d9d1e564
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 172 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=33
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2a4d40b5-5253-4d5e-bb89-8b7e4a31858d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f46fa694-00aa-4540-80ee-277180eb7b91
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 171 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=31
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca25a6c3-aa7c-46b3-930f-d7f06c6f99fa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=e8df8fa5-20e9-42c1-abc2-089d305cea1e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 170 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=29
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca25a6c3-aa7c-46b3-930f-d7f06c6f99fa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 169 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=27
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca25a6c3-aa7c-46b3-930f-d7f06c6f99fa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 168 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=25
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca25a6c3-aa7c-46b3-930f-d7f06c6f99fa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 167 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=23
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca25a6c3-aa7c-46b3-930f-d7f06c6f99fa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 166 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=21
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca25a6c3-aa7c-46b3-930f-d7f06c6f99fa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 165 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=19
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca25a6c3-aa7c-46b3-930f-d7f06c6f99fa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 164 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca25a6c3-aa7c-46b3-930f-d7f06c6f99fa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 163 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=ca25a6c3-aa7c-46b3-930f-d7f06c6f99fa
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 162 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2a4d40b5-5253-4d5e-bb89-8b7e4a31858d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=5.1.14393.1944
RunspaceId=f46fa694-00aa-4540-80ee-277180eb7b91
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 161 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2a4d40b5-5253-4d5e-bb89-8b7e4a31858d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 160 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2a4d40b5-5253-4d5e-bb89-8b7e4a31858d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 159 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2a4d40b5-5253-4d5e-bb89-8b7e4a31858d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 158 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2a4d40b5-5253-4d5e-bb89-8b7e4a31858d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 157 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2a4d40b5-5253-4d5e-bb89-8b7e4a31858d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 156 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=2a4d40b5-5253-4d5e-bb89-8b7e4a31858d
HostApplication=PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 155 | PowerShell | | Windows PowerShell | | | hv-cinder-84889 | | 7/6/2022 7:37:22 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=17
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f12a398c-107d-4e0f-819a-ffc53bc92407
HostApplication=C:\windows\system32\ServerManager.exe -arw
EngineVersion=5.1.14393.1944
RunspaceId=7daab07d-0651-4522-8638-68cfa15aacea
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 154 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:43:14 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "WSMan" is Started.
Details:
ProviderName=WSMan
NewProviderState=Started
SequenceNumber=15
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f12a398c-107d-4e0f-819a-ffc53bc92407
HostApplication=C:\windows\system32\ServerManager.exe -arw
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 153 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:43:14 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Certificate" is Started.
Details:
ProviderName=Certificate
NewProviderState=Started
SequenceNumber=13
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f12a398c-107d-4e0f-819a-ffc53bc92407
HostApplication=C:\windows\system32\ServerManager.exe -arw
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 152 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:43:14 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f12a398c-107d-4e0f-819a-ffc53bc92407
HostApplication=C:\windows\system32\ServerManager.exe -arw
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 151 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:43:14 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f12a398c-107d-4e0f-819a-ffc53bc92407
HostApplication=C:\windows\system32\ServerManager.exe -arw
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 150 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:43:14 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f12a398c-107d-4e0f-819a-ffc53bc92407
HostApplication=C:\windows\system32\ServerManager.exe -arw
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 149 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:43:14 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f12a398c-107d-4e0f-819a-ffc53bc92407
HostApplication=C:\windows\system32\ServerManager.exe -arw
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 148 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:43:14 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f12a398c-107d-4e0f-819a-ffc53bc92407
HostApplication=C:\windows\system32\ServerManager.exe -arw
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 147 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:43:14 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=Default Host
HostVersion=5.1.14393.1944
HostId=f12a398c-107d-4e0f-819a-ffc53bc92407
HostApplication=C:\windows\system32\ServerManager.exe -arw
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 146 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:43:14 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c54d91e0-8178-4d66-adf6-1769cb7a50d5
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=5.1.14393.1944
RunspaceId=aec94911-82d5-4605-ada7-e49055ea6007
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 145 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:41:47 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c54d91e0-8178-4d66-adf6-1769cb7a50d5
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 144 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:41:47 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c54d91e0-8178-4d66-adf6-1769cb7a50d5
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 143 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:41:47 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c54d91e0-8178-4d66-adf6-1769cb7a50d5
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 142 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:41:47 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c54d91e0-8178-4d66-adf6-1769cb7a50d5
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 141 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:41:47 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c54d91e0-8178-4d66-adf6-1769cb7a50d5
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 140 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:41:47 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c54d91e0-8178-4d66-adf6-1769cb7a50d5
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 139 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:41:47 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a6064d3-caf8-4b2c-90d6-6614b6bb2722
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=5.1.14393.1944
RunspaceId=8db922f0-0511-49c4-b38a-fbdb0b2889c8
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 138 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:27:28 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a6064d3-caf8-4b2c-90d6-6614b6bb2722
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 137 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:27:28 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a6064d3-caf8-4b2c-90d6-6614b6bb2722
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 136 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:27:28 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a6064d3-caf8-4b2c-90d6-6614b6bb2722
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 135 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:27:28 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a6064d3-caf8-4b2c-90d6-6614b6bb2722
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 134 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:27:28 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a6064d3-caf8-4b2c-90d6-6614b6bb2722
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 133 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:27:28 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=7a6064d3-caf8-4b2c-90d6-6614b6bb2722
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 132 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:27:28 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a2011431-ed26-493a-9d87-2110cadf0708
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=5.1.14393.1944
RunspaceId=f313b4cd-0f39-498d-9ea1-7d6a0388a78e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 131 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:23:42 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a2011431-ed26-493a-9d87-2110cadf0708
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 130 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:23:42 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a2011431-ed26-493a-9d87-2110cadf0708
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 129 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:23:42 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a2011431-ed26-493a-9d87-2110cadf0708
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 128 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:23:42 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a2011431-ed26-493a-9d87-2110cadf0708
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 127 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:23:42 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a2011431-ed26-493a-9d87-2110cadf0708
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 126 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:23:42 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a2011431-ed26-493a-9d87-2110cadf0708
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 125 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:23:42 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c2f4985e-6412-4fdf-bb96-36c7724b824a
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=5.1.14393.1944
RunspaceId=36a249c5-de3e-419e-a7df-98ad369b2d9e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 124 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:19:21 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c2f4985e-6412-4fdf-bb96-36c7724b824a
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 123 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:19:21 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c2f4985e-6412-4fdf-bb96-36c7724b824a
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 122 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:19:21 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c2f4985e-6412-4fdf-bb96-36c7724b824a
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 121 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:19:21 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c2f4985e-6412-4fdf-bb96-36c7724b824a
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 120 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:19:21 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c2f4985e-6412-4fdf-bb96-36c7724b824a
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 119 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:19:21 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=c2f4985e-6412-4fdf-bb96-36c7724b824a
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 118 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:19:21 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=19
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8d90c0c8-a196-44ca-8b2d-eea3c4a4191a
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=5.1.14393.1944
RunspaceId=52ed0133-95ba-4d7e-a2ba-ec8c934216bb
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 117 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 9:11:43 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=15
UserId=WIN-5T344G8GM1H\Administrator
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=472903c4-35b3-4c83-9276-711692bf7dcf
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=5.1.14393.1944
RunspaceId=98467050-eab8-4e58-97d4-7e9397ff0dd0
PipelineId=1
ScriptName=
CommandLine=Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="AssemblyName"; value="System.Windows.Forms"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 116 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:55:07 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=472903c4-35b3-4c83-9276-711692bf7dcf
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=5.1.14393.1944
RunspaceId=98467050-eab8-4e58-97d4-7e9397ff0dd0
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 115 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:55:06 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=472903c4-35b3-4c83-9276-711692bf7dcf
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 114 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:55:05 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=472903c4-35b3-4c83-9276-711692bf7dcf
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 113 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:55:05 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=472903c4-35b3-4c83-9276-711692bf7dcf
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 112 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:55:05 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=472903c4-35b3-4c83-9276-711692bf7dcf
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 111 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:55:05 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=472903c4-35b3-4c83-9276-711692bf7dcf
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 110 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:55:05 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=472903c4-35b3-4c83-9276-711692bf7dcf
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 109 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:55:05 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $Source -Language CSharp
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=15
UserId=WIN-5T344G8GM1H\Administrator
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8d90c0c8-a196-44ca-8b2d-eea3c4a4191a
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=5.1.14393.1944
RunspaceId=52ed0133-95ba-4d7e-a2ba-ec8c934216bb
PipelineId=1
ScriptName=C:\UnattendResources\ini.psm1
CommandLine=Add-Type -TypeDefinition $Source -Language CSharp
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using System;
using System.Text;
using System.Runtime.InteropServices;
namespace PSCloudbase
{
public sealed class Win32IniApi
{
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern uint GetPrivateProfileString(
string lpAppName,
string lpKeyName,
string lpDefault,
StringBuilder lpReturnedString,
uint nSize,
string lpFileName);
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool WritePrivateProfileString(
string lpAppName,
string lpKeyName,
StringBuilder lpString, // Don't use string, as Powershell replaces with an empty string
string lpFileName);
[DllImport("Kernel32.dll")]
public static extern uint GetLastError();
}
}"
ParameterBinding(Add-Type): name="Language"; value="CSharp"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 108 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:55:05 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8d90c0c8-a196-44ca-8b2d-eea3c4a4191a
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=5.1.14393.1944
RunspaceId=52ed0133-95ba-4d7e-a2ba-ec8c934216bb
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 107 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:55:03 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8d90c0c8-a196-44ca-8b2d-eea3c4a4191a
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 106 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:55:03 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8d90c0c8-a196-44ca-8b2d-eea3c4a4191a
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 105 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:55:03 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8d90c0c8-a196-44ca-8b2d-eea3c4a4191a
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 104 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:55:03 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8d90c0c8-a196-44ca-8b2d-eea3c4a4191a
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 103 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:55:03 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8d90c0c8-a196-44ca-8b2d-eea3c4a4191a
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 102 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:55:03 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=8d90c0c8-a196-44ca-8b2d-eea3c4a4191a
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 101 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:55:03 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=17
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ea279757-10d2-4b3f-aea3-9bd56d8b557d
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=5.1.14393.1944
RunspaceId=4d6fad3d-f0b3-4bbe-8ad9-b26d9ec7292f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 100 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:54:38 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=15
UserId=WIN-5T344G8GM1H\Administrator
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=995b7f6b-ae81-4871-be65-0f9f65a759a3
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=5.1.14393.1944
RunspaceId=a4a0a07f-06ac-4a2d-86a2-f4c056fed0a8
PipelineId=1
ScriptName=
CommandLine=Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="AssemblyName"; value="System.Windows.Forms"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 99 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:51:16 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=995b7f6b-ae81-4871-be65-0f9f65a759a3
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=5.1.14393.1944
RunspaceId=a4a0a07f-06ac-4a2d-86a2-f4c056fed0a8
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 98 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:51:15 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=995b7f6b-ae81-4871-be65-0f9f65a759a3
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 97 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:51:14 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=995b7f6b-ae81-4871-be65-0f9f65a759a3
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 96 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:51:14 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=995b7f6b-ae81-4871-be65-0f9f65a759a3
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 95 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:51:14 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=995b7f6b-ae81-4871-be65-0f9f65a759a3
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 94 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:51:14 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=995b7f6b-ae81-4871-be65-0f9f65a759a3
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 93 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:51:14 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=995b7f6b-ae81-4871-be65-0f9f65a759a3
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 92 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:51:14 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $Source -Language CSharp
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=15
UserId=WIN-5T344G8GM1H\Administrator
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ea279757-10d2-4b3f-aea3-9bd56d8b557d
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=5.1.14393.1944
RunspaceId=4d6fad3d-f0b3-4bbe-8ad9-b26d9ec7292f
PipelineId=1
ScriptName=C:\UnattendResources\ini.psm1
CommandLine=Add-Type -TypeDefinition $Source -Language CSharp
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using System;
using System.Text;
using System.Runtime.InteropServices;
namespace PSCloudbase
{
public sealed class Win32IniApi
{
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern uint GetPrivateProfileString(
string lpAppName,
string lpKeyName,
string lpDefault,
StringBuilder lpReturnedString,
uint nSize,
string lpFileName);
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool WritePrivateProfileString(
string lpAppName,
string lpKeyName,
StringBuilder lpString, // Don't use string, as Powershell replaces with an empty string
string lpFileName);
[DllImport("Kernel32.dll")]
public static extern uint GetLastError();
}
}"
ParameterBinding(Add-Type): name="Language"; value="CSharp"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 91 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:51:13 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ea279757-10d2-4b3f-aea3-9bd56d8b557d
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=5.1.14393.1944
RunspaceId=4d6fad3d-f0b3-4bbe-8ad9-b26d9ec7292f
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 90 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:51:11 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ea279757-10d2-4b3f-aea3-9bd56d8b557d
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 89 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:51:10 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ea279757-10d2-4b3f-aea3-9bd56d8b557d
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 88 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:51:10 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ea279757-10d2-4b3f-aea3-9bd56d8b557d
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 87 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:51:10 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ea279757-10d2-4b3f-aea3-9bd56d8b557d
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 86 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:51:10 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ea279757-10d2-4b3f-aea3-9bd56d8b557d
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 85 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:51:10 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=ea279757-10d2-4b3f-aea3-9bd56d8b557d
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 84 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:51:10 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=17
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb254b8e-13be-4f9e-988c-f1dc5bcf1c3e
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=5.1.14393.1944
RunspaceId=c332c739-15b8-4812-b056-a474dd9993ce
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 83 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:45:55 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=15
UserId=WIN-5T344G8GM1H\Administrator
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3c4b136-8b92-4591-8d05-55b9cc36181c
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=5.1.14393.1944
RunspaceId=27951a80-e512-49a7-b578-8a8c4c59ae5e
PipelineId=1
ScriptName=
CommandLine=Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="AssemblyName"; value="System.Windows.Forms"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 82 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:24:16 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3c4b136-8b92-4591-8d05-55b9cc36181c
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=5.1.14393.1944
RunspaceId=27951a80-e512-49a7-b578-8a8c4c59ae5e
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 81 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:24:15 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3c4b136-8b92-4591-8d05-55b9cc36181c
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 80 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:24:15 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3c4b136-8b92-4591-8d05-55b9cc36181c
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 79 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:24:15 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3c4b136-8b92-4591-8d05-55b9cc36181c
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 78 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:24:15 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3c4b136-8b92-4591-8d05-55b9cc36181c
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 77 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:24:15 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3c4b136-8b92-4591-8d05-55b9cc36181c
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 76 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:24:15 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a3c4b136-8b92-4591-8d05-55b9cc36181c
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 75 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:24:15 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $Source -Language CSharp
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=15
UserId=WIN-5T344G8GM1H\Administrator
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb254b8e-13be-4f9e-988c-f1dc5bcf1c3e
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=5.1.14393.1944
RunspaceId=c332c739-15b8-4812-b056-a474dd9993ce
PipelineId=1
ScriptName=C:\UnattendResources\ini.psm1
CommandLine=Add-Type -TypeDefinition $Source -Language CSharp
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using System;
using System.Text;
using System.Runtime.InteropServices;
namespace PSCloudbase
{
public sealed class Win32IniApi
{
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern uint GetPrivateProfileString(
string lpAppName,
string lpKeyName,
string lpDefault,
StringBuilder lpReturnedString,
uint nSize,
string lpFileName);
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool WritePrivateProfileString(
string lpAppName,
string lpKeyName,
StringBuilder lpString, // Don't use string, as Powershell replaces with an empty string
string lpFileName);
[DllImport("Kernel32.dll")]
public static extern uint GetLastError();
}
}"
ParameterBinding(Add-Type): name="Language"; value="CSharp"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 74 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:24:15 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb254b8e-13be-4f9e-988c-f1dc5bcf1c3e
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=5.1.14393.1944
RunspaceId=c332c739-15b8-4812-b056-a474dd9993ce
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 73 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:24:13 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb254b8e-13be-4f9e-988c-f1dc5bcf1c3e
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 72 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:24:13 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb254b8e-13be-4f9e-988c-f1dc5bcf1c3e
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 71 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:24:13 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb254b8e-13be-4f9e-988c-f1dc5bcf1c3e
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 70 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:24:13 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb254b8e-13be-4f9e-988c-f1dc5bcf1c3e
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 69 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:24:13 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb254b8e-13be-4f9e-988c-f1dc5bcf1c3e
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 68 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:24:13 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=fb254b8e-13be-4f9e-988c-f1dc5bcf1c3e
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 67 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/19/2018 8:24:13 AM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=15
UserId=WIN-5T344G8GM1H\Administrator
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3b12ced5-170e-4ade-ada5-d47a03367310
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=5.1.14393.1944
RunspaceId=4d7d6ea6-001a-4f6f-8ec6-2fb1c9710a0b
PipelineId=1
ScriptName=
CommandLine=Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="AssemblyName"; value="System.Windows.Forms"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 66 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 6:07:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3b12ced5-170e-4ade-ada5-d47a03367310
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=5.1.14393.1944
RunspaceId=4d7d6ea6-001a-4f6f-8ec6-2fb1c9710a0b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 65 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 6:07:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3b12ced5-170e-4ade-ada5-d47a03367310
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 64 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 6:07:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3b12ced5-170e-4ade-ada5-d47a03367310
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 63 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 6:07:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3b12ced5-170e-4ade-ada5-d47a03367310
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 62 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 6:07:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3b12ced5-170e-4ade-ada5-d47a03367310
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 61 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 6:07:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3b12ced5-170e-4ade-ada5-d47a03367310
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 60 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 6:07:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=3b12ced5-170e-4ade-ada5-d47a03367310
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 59 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 6:07:21 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $Source -Language CSharp
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=15
UserId=WIN-5T344G8GM1H\Administrator
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a50f47e2-8630-4973-8a45-00e6a9d807c9
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=5.1.14393.1944
RunspaceId=0abd4cfa-d693-4f23-b0cc-b5ff1c872ac6
PipelineId=1
ScriptName=C:\UnattendResources\ini.psm1
CommandLine=Add-Type -TypeDefinition $Source -Language CSharp
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using System;
using System.Text;
using System.Runtime.InteropServices;
namespace PSCloudbase
{
public sealed class Win32IniApi
{
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern uint GetPrivateProfileString(
string lpAppName,
string lpKeyName,
string lpDefault,
StringBuilder lpReturnedString,
uint nSize,
string lpFileName);
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool WritePrivateProfileString(
string lpAppName,
string lpKeyName,
StringBuilder lpString, // Don't use string, as Powershell replaces with an empty string
string lpFileName);
[DllImport("Kernel32.dll")]
public static extern uint GetLastError();
}
}"
ParameterBinding(Add-Type): name="Language"; value="CSharp"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 58 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 6:07:20 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a50f47e2-8630-4973-8a45-00e6a9d807c9
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=5.1.14393.1944
RunspaceId=0abd4cfa-d693-4f23-b0cc-b5ff1c872ac6
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 57 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 6:07:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a50f47e2-8630-4973-8a45-00e6a9d807c9
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 56 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 6:07:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a50f47e2-8630-4973-8a45-00e6a9d807c9
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 55 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 6:07:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a50f47e2-8630-4973-8a45-00e6a9d807c9
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 54 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 6:07:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a50f47e2-8630-4973-8a45-00e6a9d807c9
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 53 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 6:07:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a50f47e2-8630-4973-8a45-00e6a9d807c9
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 52 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 6:07:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=a50f47e2-8630-4973-8a45-00e6a9d807c9
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 51 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 6:07:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=17
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b2985717-76be-43ef-9b0a-41db65a781f6
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=5.1.14393.1944
RunspaceId=21324846-87d1-4add-8e96-8b8ecf3baec5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 50 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 6:02:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=15
UserId=WIN-5T344G8GM1H\Administrator
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4c0ae675-b105-412a-be64-2005b0dcac13
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=5.1.14393.1944
RunspaceId=435f43b7-5ec6-41ea-9e53-9b93107b8d41
PipelineId=1
ScriptName=
CommandLine=Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="AssemblyName"; value="System.Windows.Forms"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 49 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:43:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4c0ae675-b105-412a-be64-2005b0dcac13
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=5.1.14393.1944
RunspaceId=435f43b7-5ec6-41ea-9e53-9b93107b8d41
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 48 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:43:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4c0ae675-b105-412a-be64-2005b0dcac13
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 47 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:43:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4c0ae675-b105-412a-be64-2005b0dcac13
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 46 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:43:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4c0ae675-b105-412a-be64-2005b0dcac13
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 45 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:43:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4c0ae675-b105-412a-be64-2005b0dcac13
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 44 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:43:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4c0ae675-b105-412a-be64-2005b0dcac13
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 43 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:43:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=4c0ae675-b105-412a-be64-2005b0dcac13
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 42 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:43:28 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $Source -Language CSharp
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=15
UserId=WIN-5T344G8GM1H\Administrator
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b2985717-76be-43ef-9b0a-41db65a781f6
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=5.1.14393.1944
RunspaceId=21324846-87d1-4add-8e96-8b8ecf3baec5
PipelineId=1
ScriptName=C:\UnattendResources\ini.psm1
CommandLine=Add-Type -TypeDefinition $Source -Language CSharp
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using System;
using System.Text;
using System.Runtime.InteropServices;
namespace PSCloudbase
{
public sealed class Win32IniApi
{
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern uint GetPrivateProfileString(
string lpAppName,
string lpKeyName,
string lpDefault,
StringBuilder lpReturnedString,
uint nSize,
string lpFileName);
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool WritePrivateProfileString(
string lpAppName,
string lpKeyName,
StringBuilder lpString, // Don't use string, as Powershell replaces with an empty string
string lpFileName);
[DllImport("Kernel32.dll")]
public static extern uint GetLastError();
}
}"
ParameterBinding(Add-Type): name="Language"; value="CSharp"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 41 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:43:26 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b2985717-76be-43ef-9b0a-41db65a781f6
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=5.1.14393.1944
RunspaceId=21324846-87d1-4add-8e96-8b8ecf3baec5
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 40 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:43:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b2985717-76be-43ef-9b0a-41db65a781f6
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 39 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:43:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b2985717-76be-43ef-9b0a-41db65a781f6
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 38 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:43:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b2985717-76be-43ef-9b0a-41db65a781f6
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 37 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:43:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b2985717-76be-43ef-9b0a-41db65a781f6
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 36 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:43:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b2985717-76be-43ef-9b0a-41db65a781f6
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 35 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:43:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.1944
HostId=b2985717-76be-43ef-9b0a-41db65a781f6
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 34 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:43:23 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=17
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=c8f34489-4e8b-4b9c-84c9-71725a4cc1f0
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=5.1.14393.0
RunspaceId=9f172a18-8cea-4b39-aef6-cb820c01f9d3
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 33 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:35:48 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=15
UserId=WIN-5T344G8GM1H\Administrator
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=db882125-c9ba-4a77-b198-18055547ec63
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=5.1.14393.0
RunspaceId=e01d735e-b2d6-4538-b5bc-96db397d918b
PipelineId=1
ScriptName=
CommandLine=Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="AssemblyName"; value="System.Windows.Forms"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 32 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=db882125-c9ba-4a77-b198-18055547ec63
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=5.1.14393.0
RunspaceId=e01d735e-b2d6-4538-b5bc-96db397d918b
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 31 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=db882125-c9ba-4a77-b198-18055547ec63
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 30 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=db882125-c9ba-4a77-b198-18055547ec63
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 29 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=db882125-c9ba-4a77-b198-18055547ec63
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 28 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=db882125-c9ba-4a77-b198-18055547ec63
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 27 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=db882125-c9ba-4a77-b198-18055547ec63
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 26 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=db882125-c9ba-4a77-b198-18055547ec63
HostApplication=C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-Type -AssemblyName System.Windows.Forms;while (1) {[System.Windows.Forms.SendKeys]::SendWait('~');start-sleep 50;}
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 25 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Pipeline execution details for command line: Add-Type -TypeDefinition $Source -Language CSharp
.
Context Information:
DetailSequence=1
DetailTotal=1
SequenceNumber=15
UserId=WIN-5T344G8GM1H\Administrator
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=c8f34489-4e8b-4b9c-84c9-71725a4cc1f0
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=5.1.14393.0
RunspaceId=9f172a18-8cea-4b39-aef6-cb820c01f9d3
PipelineId=1
ScriptName=C:\UnattendResources\ini.psm1
CommandLine=Add-Type -TypeDefinition $Source -Language CSharp
Details:
CommandInvocation(Add-Type): "Add-Type"
ParameterBinding(Add-Type): name="TypeDefinition"; value="using System;
using System.Text;
using System.Runtime.InteropServices;
namespace PSCloudbase
{
public sealed class Win32IniApi
{
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
public static extern uint GetPrivateProfileString(
string lpAppName,
string lpKeyName,
string lpDefault,
StringBuilder lpReturnedString,
uint nSize,
string lpFileName);
[DllImport("kernel32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
[return: MarshalAs(UnmanagedType.Bool)]
public static extern bool WritePrivateProfileString(
string lpAppName,
string lpKeyName,
StringBuilder lpString, // Don't use string, as Powershell replaces with an empty string
string lpFileName);
[DllImport("Kernel32.dll")]
public static extern uint GetLastError();
}
}"
ParameterBinding(Add-Type): name="Language"; value="CSharp"
| 800 | | 0 | 4 | 8 | | 36028797018963968 | 24 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:31 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Pipeline Execution Details | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=c8f34489-4e8b-4b9c-84c9-71725a4cc1f0
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=5.1.14393.0
RunspaceId=9f172a18-8cea-4b39-aef6-cb820c01f9d3
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 23 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=c8f34489-4e8b-4b9c-84c9-71725a4cc1f0
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 22 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=c8f34489-4e8b-4b9c-84c9-71725a4cc1f0
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 21 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=c8f34489-4e8b-4b9c-84c9-71725a4cc1f0
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 20 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=c8f34489-4e8b-4b9c-84c9-71725a4cc1f0
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 19 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=c8f34489-4e8b-4b9c-84c9-71725a4cc1f0
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 18 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=c8f34489-4e8b-4b9c-84c9-71725a4cc1f0
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Logon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 17 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:30 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=f8b52ff0-c0fa-41d2-8730-2edabd513ac2
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\FirstLogon.ps1
EngineVersion=5.1.14393.0
RunspaceId=8cefcba8-87f3-4fed-b96a-f2c105b2f3da
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 16 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:17 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=f8b52ff0-c0fa-41d2-8730-2edabd513ac2
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\FirstLogon.ps1
EngineVersion=5.1.14393.0
RunspaceId=8cefcba8-87f3-4fed-b96a-f2c105b2f3da
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 15 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:16 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=f8b52ff0-c0fa-41d2-8730-2edabd513ac2
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\FirstLogon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 14 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=f8b52ff0-c0fa-41d2-8730-2edabd513ac2
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\FirstLogon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 13 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=f8b52ff0-c0fa-41d2-8730-2edabd513ac2
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\FirstLogon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 12 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=f8b52ff0-c0fa-41d2-8730-2edabd513ac2
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\FirstLogon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 11 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=f8b52ff0-c0fa-41d2-8730-2edabd513ac2
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\FirstLogon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 10 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=f8b52ff0-c0fa-41d2-8730-2edabd513ac2
HostApplication=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\FirstLogon.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 9 | PowerShell | | Windows PowerShell | | | WIN-5T344G8GM1H | | 1/16/2018 5:02:15 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from Available to Stopped.
Details:
NewEngineState=Stopped
PreviousEngineState=Available
SequenceNumber=15
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=2fd1a573-9000-4aa5-8a71-3f725488857f
HostApplication=powershell -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Specialize.ps1
EngineVersion=5.1.14393.0
RunspaceId=16e771eb-c367-43f8-b362-2bd303750968
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 403 | | 0 | 4 | 4 | | 36028797018963968 | 8 | PowerShell | | Windows PowerShell | | | WIN-PD8DQPRRTAO | | 1/16/2018 5:01:37 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Engine state is changed from None to Available.
Details:
NewEngineState=Available
PreviousEngineState=None
SequenceNumber=13
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=2fd1a573-9000-4aa5-8a71-3f725488857f
HostApplication=powershell -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Specialize.ps1
EngineVersion=5.1.14393.0
RunspaceId=16e771eb-c367-43f8-b362-2bd303750968
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 400 | | 0 | 4 | 4 | | 36028797018963968 | 7 | PowerShell | | Windows PowerShell | | | WIN-PD8DQPRRTAO | | 1/16/2018 5:01:36 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Engine Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Variable" is Started.
Details:
ProviderName=Variable
NewProviderState=Started
SequenceNumber=11
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=2fd1a573-9000-4aa5-8a71-3f725488857f
HostApplication=powershell -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Specialize.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 6 | PowerShell | | Windows PowerShell | | | WIN-PD8DQPRRTAO | | 1/16/2018 5:01:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Function" is Started.
Details:
ProviderName=Function
NewProviderState=Started
SequenceNumber=9
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=2fd1a573-9000-4aa5-8a71-3f725488857f
HostApplication=powershell -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Specialize.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 5 | PowerShell | | Windows PowerShell | | | WIN-PD8DQPRRTAO | | 1/16/2018 5:01:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "FileSystem" is Started.
Details:
ProviderName=FileSystem
NewProviderState=Started
SequenceNumber=7
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=2fd1a573-9000-4aa5-8a71-3f725488857f
HostApplication=powershell -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Specialize.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 4 | PowerShell | | Windows PowerShell | | | WIN-PD8DQPRRTAO | | 1/16/2018 5:01:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Environment" is Started.
Details:
ProviderName=Environment
NewProviderState=Started
SequenceNumber=5
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=2fd1a573-9000-4aa5-8a71-3f725488857f
HostApplication=powershell -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Specialize.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 3 | PowerShell | | Windows PowerShell | | | WIN-PD8DQPRRTAO | | 1/16/2018 5:01:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Alias" is Started.
Details:
ProviderName=Alias
NewProviderState=Started
SequenceNumber=3
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=2fd1a573-9000-4aa5-8a71-3f725488857f
HostApplication=powershell -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Specialize.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 2 | PowerShell | | Windows PowerShell | | | WIN-PD8DQPRRTAO | | 1/16/2018 5:01:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Provider "Registry" is Started.
Details:
ProviderName=Registry
NewProviderState=Started
SequenceNumber=1
HostName=ConsoleHost
HostVersion=5.1.14393.0
HostId=2fd1a573-9000-4aa5-8a71-3f725488857f
HostApplication=powershell -NoLogo -NonInteractive -ExecutionPolicy RemoteSigned -File C:\UnattendResources\Specialize.ps1
EngineVersion=
RunspaceId=
PipelineId=
CommandName=
CommandType=
ScriptName=
CommandPath=
CommandLine= | 600 | | 0 | 4 | 6 | | 36028797018963968 | 1 | PowerShell | | Windows PowerShell | | | WIN-PD8DQPRRTAO | | 1/16/2018 5:01:35 PM | | | windows powershell | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Provider Lifecycle | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |