| Message | Id | Version | Qualifiers | Level | Task | Opcode | Keywords | RecordId | ProviderName | ProviderId | LogName | ProcessId | ThreadId | MachineName | UserId | TimeCreated | ActivityId | RelatedActivityId | ContainerLog | MatchedQueryIds | Bookmark | LevelDisplayName | OpcodeDisplayName | TaskDisplayName | KeywordsDisplayNames | Properties |
|---|
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 3041 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:23:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 3040 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:23:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 3039 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:23:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3038 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 3:23:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3037 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 3:23:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 1EFAF17E-4DEA-45E9-A81E-859DD32AA80C--D4AF88BF-FB6C-4DF8-AC4F-40E2BE825441 (Friendly Name: eea785e2-0df4-4517-874e-5d7581c1e849). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3036 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3788 | 2688 | hv-cinder-85505 | S-1-5-83-1-519762302-1172917738-2642747048-212347603 | 9/1/2022 3:23:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 1EFAF17E-4DEA-45E9-A81E-859DD32AA80C--D4AF88BF-FB6C-4DF8-AC4F-40E2BE825441 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3035 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3788 | 2688 | hv-cinder-85505 | S-1-5-83-1-519762302-1172917738-2642747048-212347603 | 9/1/2022 3:23:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 31AB7669-E9F4-4E0F-A291-CD24A10532E2--D1087318-EE0C-4C44-B2F0-00666D26D409 (Friendly Name: 90adff24-fc23-4b5b-8d49-45304b231ab9). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3034 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4100 | 4908 | hv-cinder-85505 | S-1-5-83-1-833320553-1309665780-617451938-3794929057 | 9/1/2022 3:22:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 31AB7669-E9F4-4E0F-A291-CD24A10532E2--D1087318-EE0C-4C44-B2F0-00666D26D409 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3033 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4100 | 4908 | hv-cinder-85505 | S-1-5-83-1-833320553-1309665780-617451938-3794929057 | 9/1/2022 3:22:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 31AB7669-E9F4-4E0F-A291-CD24A10532E2--D1087318-EE0C-4C44-B2F0-00666D26D409 (Friendly Name: 90adff24-fc23-4b5b-8d49-45304b231ab9) successfully connected to port 0D38C21F-93B8-4D31-97F5-47FAFB7EF47A (Friendly Name: 90adff24-fc23-4b5b-8d49-45304b231ab9) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3032 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4100 | 2680 | hv-cinder-85505 | S-1-5-83-1-833320553-1309665780-617451938-3794929057 | 9/1/2022 3:22:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 31AB7669-E9F4-4E0F-A291-CD24A10532E2--D1087318-EE0C-4C44-B2F0-00666D26D409 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3031 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4100 | 2680 | hv-cinder-85505 | | 9/1/2022 3:22:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3030 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 3:22:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3029 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 3:22:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 1EFAF17E-4DEA-45E9-A81E-859DD32AA80C--D4AF88BF-FB6C-4DF8-AC4F-40E2BE825441 (Friendly Name: eea785e2-0df4-4517-874e-5d7581c1e849) successfully connected to port 251A3474-22C2-4A40-9DA3-7A97CE64724C (Friendly Name: eea785e2-0df4-4517-874e-5d7581c1e849) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3028 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3788 | 2688 | hv-cinder-85505 | S-1-5-83-1-519762302-1172917738-2642747048-212347603 | 9/1/2022 3:21:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 1EFAF17E-4DEA-45E9-A81E-859DD32AA80C--D4AF88BF-FB6C-4DF8-AC4F-40E2BE825441 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3027 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3788 | 2688 | hv-cinder-85505 | | 9/1/2022 3:21:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic CCA3E3B7-5083-4A68-88F4-4CFA4F729138--73126A56-476B-47B6-B780-8CB1969CCA37 (Friendly Name: eea785e2-0df4-4517-874e-5d7581c1e849). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3026 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2508 | 4352 | hv-cinder-85505 | S-1-5-83-1-3433292727-1248350339-4199347336-949056079 | 9/1/2022 3:21:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC CCA3E3B7-5083-4A68-88F4-4CFA4F729138--73126A56-476B-47B6-B780-8CB1969CCA37 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3025 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2508 | 4352 | hv-cinder-85505 | S-1-5-83-1-3433292727-1248350339-4199347336-949056079 | 9/1/2022 3:21:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 026417D7-9FFE-4CC7-92FB-25B3DF349B6F--A9B5534B-11C0-4D30-8F76-16D714983B08 (Friendly Name: f33acb60-da09-4314-afc1-2277ee600086). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3024 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1164 | 4860 | hv-cinder-85505 | S-1-5-83-1-40114135-1288151038-3005610898-1872442591 | 9/1/2022 3:20:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 026417D7-9FFE-4CC7-92FB-25B3DF349B6F--A9B5534B-11C0-4D30-8F76-16D714983B08 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3023 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1164 | 4860 | hv-cinder-85505 | S-1-5-83-1-40114135-1288151038-3005610898-1872442591 | 9/1/2022 3:20:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 026417D7-9FFE-4CC7-92FB-25B3DF349B6F--A9B5534B-11C0-4D30-8F76-16D714983B08 (Friendly Name: f33acb60-da09-4314-afc1-2277ee600086) successfully connected to port 0A809774-6B04-4223-A2F5-3217637BE3C0 (Friendly Name: f33acb60-da09-4314-afc1-2277ee600086) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3022 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1164 | 3088 | hv-cinder-85505 | S-1-5-83-1-40114135-1288151038-3005610898-1872442591 | 9/1/2022 3:19:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 026417D7-9FFE-4CC7-92FB-25B3DF349B6F--A9B5534B-11C0-4D30-8F76-16D714983B08 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3021 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1164 | 3088 | hv-cinder-85505 | | 9/1/2022 3:19:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 00849459-25B8-47E4-BF1F-40C5E1A944AC--F2AA4122-B6EF-4E97-857B-AF9E988AA82A (Friendly Name: e5855db7-b4de-43ae-98e4-6d9eb28a3c4c). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3020 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1072 | 4644 | hv-cinder-85505 | S-1-5-83-1-8688729-1206134200-3309313983-2890181089 | 9/1/2022 3:19:31 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 00849459-25B8-47E4-BF1F-40C5E1A944AC--F2AA4122-B6EF-4E97-857B-AF9E988AA82A successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3019 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1072 | 4644 | hv-cinder-85505 | S-1-5-83-1-8688729-1206134200-3309313983-2890181089 | 9/1/2022 3:19:31 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC CCA3E3B7-5083-4A68-88F4-4CFA4F729138--73126A56-476B-47B6-B780-8CB1969CCA37 (Friendly Name: eea785e2-0df4-4517-874e-5d7581c1e849) successfully connected to port 5F3BAC31-A9DD-4CB7-963B-56EC419916CD (Friendly Name: eea785e2-0df4-4517-874e-5d7581c1e849) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3018 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2508 | 4352 | hv-cinder-85505 | S-1-5-83-1-3433292727-1248350339-4199347336-949056079 | 9/1/2022 3:19:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic CCA3E3B7-5083-4A68-88F4-4CFA4F729138--73126A56-476B-47B6-B780-8CB1969CCA37 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3017 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2508 | 4352 | hv-cinder-85505 | | 9/1/2022 3:19:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 00849459-25B8-47E4-BF1F-40C5E1A944AC--F2AA4122-B6EF-4E97-857B-AF9E988AA82A (Friendly Name: e5855db7-b4de-43ae-98e4-6d9eb28a3c4c) successfully connected to port 51717A84-3F9C-404E-BBD0-ED20FE0A385D (Friendly Name: e5855db7-b4de-43ae-98e4-6d9eb28a3c4c) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3016 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1072 | 4144 | hv-cinder-85505 | S-1-5-83-1-8688729-1206134200-3309313983-2890181089 | 9/1/2022 3:18:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 00849459-25B8-47E4-BF1F-40C5E1A944AC--F2AA4122-B6EF-4E97-857B-AF9E988AA82A (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3015 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1072 | 4144 | hv-cinder-85505 | | 9/1/2022 3:18:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 99175574-0B4B-4F7D-9AE5-B4A44567DA25--8753451B-7293-447A-91B0-5369CA3F1265 (Friendly Name: 4e705573-d8f2-4d69-81d9-97e349b4cc00). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3014 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2728 | 4844 | hv-cinder-85505 | S-1-5-83-1-2568443252-1333594955-2763318682-635070277 | 9/1/2022 3:18:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 99175574-0B4B-4F7D-9AE5-B4A44567DA25--8753451B-7293-447A-91B0-5369CA3F1265 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3013 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2728 | 4844 | hv-cinder-85505 | S-1-5-83-1-2568443252-1333594955-2763318682-635070277 | 9/1/2022 3:18:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 9AAD3DB6-5877-4774-A9FC-45F84CF26B24--F70557A3-7406-4AD7-8374-3BBE47316456 (Friendly Name: 6377f8ba-1fbe-4b3a-8880-72f31710650d). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3012 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4736 | 4956 | hv-cinder-85505 | S-1-5-83-1-2595044790-1198807159-4165336233-611054156 | 9/1/2022 3:18:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9AAD3DB6-5877-4774-A9FC-45F84CF26B24--F70557A3-7406-4AD7-8374-3BBE47316456 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3011 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4736 | 4956 | hv-cinder-85505 | S-1-5-83-1-2595044790-1198807159-4165336233-611054156 | 9/1/2022 3:18:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 76C999A7-1145-4C89-A9E1-74D5A21A9824--53E53DC0-8F16-48EA-8FFC-18338C18473F (Friendly Name: 52de010b-ae57-47a2-9c86-20712db6003c). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3010 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4980 | 3576 | hv-cinder-85505 | S-1-5-83-1-1992923559-1284051269-3581206953-613948066 | 9/1/2022 3:17:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 76C999A7-1145-4C89-A9E1-74D5A21A9824--53E53DC0-8F16-48EA-8FFC-18338C18473F successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3009 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4980 | 3576 | hv-cinder-85505 | S-1-5-83-1-1992923559-1284051269-3581206953-613948066 | 9/1/2022 3:17:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 76C999A7-1145-4C89-A9E1-74D5A21A9824--53E53DC0-8F16-48EA-8FFC-18338C18473F (Friendly Name: 52de010b-ae57-47a2-9c86-20712db6003c) successfully connected to port 0DBFC143-A4A6-471B-9854-177F5D892E7C (Friendly Name: 52de010b-ae57-47a2-9c86-20712db6003c) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3008 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4980 | 4916 | hv-cinder-85505 | S-1-5-83-1-1992923559-1284051269-3581206953-613948066 | 9/1/2022 3:17:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 76C999A7-1145-4C89-A9E1-74D5A21A9824--53E53DC0-8F16-48EA-8FFC-18338C18473F (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3007 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4980 | 4916 | hv-cinder-85505 | | 9/1/2022 3:17:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9AAD3DB6-5877-4774-A9FC-45F84CF26B24--F70557A3-7406-4AD7-8374-3BBE47316456 (Friendly Name: 6377f8ba-1fbe-4b3a-8880-72f31710650d) successfully connected to port 2AB33E82-F07B-472E-8363-0E0EC94607B5 (Friendly Name: 6377f8ba-1fbe-4b3a-8880-72f31710650d) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3006 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4736 | 4956 | hv-cinder-85505 | S-1-5-83-1-2595044790-1198807159-4165336233-611054156 | 9/1/2022 3:17:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 9AAD3DB6-5877-4774-A9FC-45F84CF26B24--F70557A3-7406-4AD7-8374-3BBE47316456 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3005 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4736 | 4956 | hv-cinder-85505 | | 9/1/2022 3:17:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 388E7F07-4595-42FB-B604-FD19EEAF3087--799037A5-C3B8-4267-B9AD-EAB0379E4063 (Friendly Name: acae7271-6c98-4e1f-83e8-3b3acad353be). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3004 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4292 | 2204 | hv-cinder-85505 | S-1-5-83-1-948862727-1123763605-436012214-2268114926 | 9/1/2022 3:17:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 388E7F07-4595-42FB-B604-FD19EEAF3087--799037A5-C3B8-4267-B9AD-EAB0379E4063 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3003 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4292 | 2204 | hv-cinder-85505 | S-1-5-83-1-948862727-1123763605-436012214-2268114926 | 9/1/2022 3:17:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 388E7F07-4595-42FB-B604-FD19EEAF3087--799037A5-C3B8-4267-B9AD-EAB0379E4063 (Friendly Name: acae7271-6c98-4e1f-83e8-3b3acad353be) successfully connected to port EBF29F13-4262-474B-A505-4E9307A41F4C (Friendly Name: acae7271-6c98-4e1f-83e8-3b3acad353be) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3002 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4292 | 4628 | hv-cinder-85505 | S-1-5-83-1-948862727-1123763605-436012214-2268114926 | 9/1/2022 3:16:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 388E7F07-4595-42FB-B604-FD19EEAF3087--799037A5-C3B8-4267-B9AD-EAB0379E4063 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3001 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4292 | 4628 | hv-cinder-85505 | | 9/1/2022 3:16:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 99175574-0B4B-4F7D-9AE5-B4A44567DA25--8753451B-7293-447A-91B0-5369CA3F1265 (Friendly Name: 4e705573-d8f2-4d69-81d9-97e349b4cc00) successfully connected to port 0F526E69-B086-44C5-B1A7-24C56658CB8B (Friendly Name: 4e705573-d8f2-4d69-81d9-97e349b4cc00) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3000 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2728 | 4844 | hv-cinder-85505 | S-1-5-83-1-2568443252-1333594955-2763318682-635070277 | 9/1/2022 3:16:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 99175574-0B4B-4F7D-9AE5-B4A44567DA25--8753451B-7293-447A-91B0-5369CA3F1265 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2999 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2728 | 4844 | hv-cinder-85505 | | 9/1/2022 3:16:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic B6144DD9-3FAE-4206-B3EB-91C4552C66F0--2A479447-08C4-44E2-A6CF-A3E3BF28E299 (Friendly Name: 8f720e0d-5b70-48f1-a066-0ebba09404fb). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2998 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4552 | 3948 | hv-cinder-85505 | S-1-5-83-1-3054783961-1107705774-3297897395-4033227861 | 9/1/2022 3:16:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B6144DD9-3FAE-4206-B3EB-91C4552C66F0--2A479447-08C4-44E2-A6CF-A3E3BF28E299 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2997 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4552 | 3948 | hv-cinder-85505 | S-1-5-83-1-3054783961-1107705774-3297897395-4033227861 | 9/1/2022 3:16:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic BAD1F6DF-3B0E-4A81-B203-310F5DF3E79B--2CE5DE24-B76B-4D04-9ACE-E26D2F5AB0A5 (Friendly Name: acae7271-6c98-4e1f-83e8-3b3acad353be). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2996 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1864 | 872 | hv-cinder-85505 | S-1-5-83-1-3134322399-1249983246-254870450-2615669597 | 9/1/2022 3:16:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BAD1F6DF-3B0E-4A81-B203-310F5DF3E79B--2CE5DE24-B76B-4D04-9ACE-E26D2F5AB0A5 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2995 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1864 | 872 | hv-cinder-85505 | S-1-5-83-1-3134322399-1249983246-254870450-2615669597 | 9/1/2022 3:16:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 6A029582-B115-4043-AAF2-4006E5156931--B3FC5305-2EDD-4C92-AC8B-CCB377019061 (Friendly Name: 5eef0803-9f2b-4eae-abb5-9dfda0339836). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2994 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3304 | 1572 | hv-cinder-85505 | S-1-5-83-1-1778554242-1078178069-104919722-828970469 | 9/1/2022 3:16:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 6A029582-B115-4043-AAF2-4006E5156931--B3FC5305-2EDD-4C92-AC8B-CCB377019061 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2993 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3304 | 1572 | hv-cinder-85505 | S-1-5-83-1-1778554242-1078178069-104919722-828970469 | 9/1/2022 3:16:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 3DE15B08-A4D5-4386-9DEB-91B644CB3784--FD4A3F63-F5F9-44E2-86BA-F9095EB88E0F (Friendly Name: 0d37043b-9fe8-4ffe-840b-9872dc902ae6). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2992 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4484 | 4812 | hv-cinder-85505 | S-1-5-83-1-1038179080-1132897493-3063016349-2218249028 | 9/1/2022 3:15:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 3DE15B08-A4D5-4386-9DEB-91B644CB3784--FD4A3F63-F5F9-44E2-86BA-F9095EB88E0F successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2991 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4484 | 4812 | hv-cinder-85505 | S-1-5-83-1-1038179080-1132897493-3063016349-2218249028 | 9/1/2022 3:15:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic BAB09C65-A6A8-428B-8F6A-2F10D57CFE1D--50C7F344-38B7-4390-BA2F-22C29E75C233 (Friendly Name: 642a8d83-f8ad-426b-8eed-396205103cab). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2990 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3280 | 2180 | hv-cinder-85505 | S-1-5-83-1-3132136549-1116448424-271542927-503217365 | 9/1/2022 3:15:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BAB09C65-A6A8-428B-8F6A-2F10D57CFE1D--50C7F344-38B7-4390-BA2F-22C29E75C233 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2989 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3280 | 2180 | hv-cinder-85505 | S-1-5-83-1-3132136549-1116448424-271542927-503217365 | 9/1/2022 3:15:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 7E4AE854-6260-494D-8A9A-80CCA03E215E--3B700A9B-BD38-4DD3-A286-2AB78F16C7E2 (Friendly Name: 8ca0a0f7-a3e0-4e7f-a68d-e2d30c16e4da). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2988 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4060 | 964 | hv-cinder-85505 | S-1-5-83-1-2118838356-1229808224-3430980234-1579237024 | 9/1/2022 3:15:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7E4AE854-6260-494D-8A9A-80CCA03E215E--3B700A9B-BD38-4DD3-A286-2AB78F16C7E2 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2987 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4060 | 964 | hv-cinder-85505 | S-1-5-83-1-2118838356-1229808224-3430980234-1579237024 | 9/1/2022 3:15:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B6144DD9-3FAE-4206-B3EB-91C4552C66F0--2A479447-08C4-44E2-A6CF-A3E3BF28E299 (Friendly Name: 8f720e0d-5b70-48f1-a066-0ebba09404fb) successfully connected to port BBD6B746-0EAB-4883-8D43-CABA79F6AB62 (Friendly Name: 8f720e0d-5b70-48f1-a066-0ebba09404fb) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2986 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4552 | 4380 | hv-cinder-85505 | S-1-5-83-1-3054783961-1107705774-3297897395-4033227861 | 9/1/2022 3:15:31 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic B6144DD9-3FAE-4206-B3EB-91C4552C66F0--2A479447-08C4-44E2-A6CF-A3E3BF28E299 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2985 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4552 | 4380 | hv-cinder-85505 | | 9/1/2022 3:15:31 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BAD1F6DF-3B0E-4A81-B203-310F5DF3E79B--2CE5DE24-B76B-4D04-9ACE-E26D2F5AB0A5 (Friendly Name: acae7271-6c98-4e1f-83e8-3b3acad353be) successfully connected to port C12E2C64-E599-45B9-BE93-B7B8426C22BF (Friendly Name: acae7271-6c98-4e1f-83e8-3b3acad353be) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2984 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1864 | 4760 | hv-cinder-85505 | S-1-5-83-1-3134322399-1249983246-254870450-2615669597 | 9/1/2022 3:15:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic BAD1F6DF-3B0E-4A81-B203-310F5DF3E79B--2CE5DE24-B76B-4D04-9ACE-E26D2F5AB0A5 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2983 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1864 | 4760 | hv-cinder-85505 | | 9/1/2022 3:15:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 2993435D-95E5-40D9-8A1E-B8FBA0159239--77531CAB-9ED7-46C3-B9E9-9A2F7C7CADAD (Friendly Name: 8c275910-407f-4260-bbbb-1f2dc5706ef1). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2982 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1700 | 4232 | hv-cinder-85505 | S-1-5-83-1-697516893-1088001509-4223147658-965875104 | 9/1/2022 3:15:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 2993435D-95E5-40D9-8A1E-B8FBA0159239--77531CAB-9ED7-46C3-B9E9-9A2F7C7CADAD successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2981 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1700 | 4232 | hv-cinder-85505 | S-1-5-83-1-697516893-1088001509-4223147658-965875104 | 9/1/2022 3:15:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7E4AE854-6260-494D-8A9A-80CCA03E215E--3B700A9B-BD38-4DD3-A286-2AB78F16C7E2 (Friendly Name: 8ca0a0f7-a3e0-4e7f-a68d-e2d30c16e4da) successfully connected to port 6A15D1A4-3B89-4CEC-B9EA-D55C385E6416 (Friendly Name: 8ca0a0f7-a3e0-4e7f-a68d-e2d30c16e4da) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2980 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4060 | 1724 | hv-cinder-85505 | S-1-5-83-1-2118838356-1229808224-3430980234-1579237024 | 9/1/2022 3:15:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 7E4AE854-6260-494D-8A9A-80CCA03E215E--3B700A9B-BD38-4DD3-A286-2AB78F16C7E2 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2979 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4060 | 1724 | hv-cinder-85505 | | 9/1/2022 3:15:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 7E4AE854-6260-494D-8A9A-80CCA03E215E--3B700A9B-BD38-4DD3-A286-2AB78F16C7E2 (Friendly Name: 8ca0a0f7-a3e0-4e7f-a68d-e2d30c16e4da). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2978 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1748 | 3868 | hv-cinder-85505 | S-1-5-83-1-2118838356-1229808224-3430980234-1579237024 | 9/1/2022 3:15:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7E4AE854-6260-494D-8A9A-80CCA03E215E--3B700A9B-BD38-4DD3-A286-2AB78F16C7E2 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2977 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1748 | 3868 | hv-cinder-85505 | S-1-5-83-1-2118838356-1229808224-3430980234-1579237024 | 9/1/2022 3:15:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7E4AE854-6260-494D-8A9A-80CCA03E215E--3B700A9B-BD38-4DD3-A286-2AB78F16C7E2 (Friendly Name: 8ca0a0f7-a3e0-4e7f-a68d-e2d30c16e4da) successfully connected to port 6A15D1A4-3B89-4CEC-B9EA-D55C385E6416 (Friendly Name: 8ca0a0f7-a3e0-4e7f-a68d-e2d30c16e4da) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2976 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1748 | 3816 | hv-cinder-85505 | S-1-5-83-1-2118838356-1229808224-3430980234-1579237024 | 9/1/2022 3:14:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 7E4AE854-6260-494D-8A9A-80CCA03E215E--3B700A9B-BD38-4DD3-A286-2AB78F16C7E2 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2975 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1748 | 3816 | hv-cinder-85505 | | 9/1/2022 3:14:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 938D813D-63C2-4977-956E-0F5A2577A445--BC008AB3-81B7-4F35-9D77-BD111AF10F71 (Friendly Name: 222e0d83-818c-46cf-89f1-93eb1ab086b0). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2974 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2872 | 1680 | hv-cinder-85505 | S-1-5-83-1-2475524413-1232561090-1510960789-1168406309 | 9/1/2022 3:14:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 938D813D-63C2-4977-956E-0F5A2577A445--BC008AB3-81B7-4F35-9D77-BD111AF10F71 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2973 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2872 | 1680 | hv-cinder-85505 | S-1-5-83-1-2475524413-1232561090-1510960789-1168406309 | 9/1/2022 3:14:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 7E4AE854-6260-494D-8A9A-80CCA03E215E--3B700A9B-BD38-4DD3-A286-2AB78F16C7E2 (Friendly Name: 8ca0a0f7-a3e0-4e7f-a68d-e2d30c16e4da). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2972 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4032 | 4168 | hv-cinder-85505 | S-1-5-83-1-2118838356-1229808224-3430980234-1579237024 | 9/1/2022 3:14:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7E4AE854-6260-494D-8A9A-80CCA03E215E--3B700A9B-BD38-4DD3-A286-2AB78F16C7E2 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2971 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4032 | 4168 | hv-cinder-85505 | S-1-5-83-1-2118838356-1229808224-3430980234-1579237024 | 9/1/2022 3:14:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 97AF2CF2-C92A-447E-9166-871CF1CEF791--92F28382-3F9D-4624-A339-96D64BCDDA73 (Friendly Name: fc9c6a96-32e0-4d3f-be15-e0d56fe2afff). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2970 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4088 | 2940 | hv-cinder-85505 | S-1-5-83-1-2544839922-1149159722-478635665-2448936689 | 9/1/2022 3:14:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 97AF2CF2-C92A-447E-9166-871CF1CEF791--92F28382-3F9D-4624-A339-96D64BCDDA73 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2969 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4088 | 2940 | hv-cinder-85505 | S-1-5-83-1-2544839922-1149159722-478635665-2448936689 | 9/1/2022 3:14:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BAB09C65-A6A8-428B-8F6A-2F10D57CFE1D--50C7F344-38B7-4390-BA2F-22C29E75C233 (Friendly Name: 642a8d83-f8ad-426b-8eed-396205103cab) successfully connected to port D51DD09E-B69F-4EE7-80BD-22DF23A26696 (Friendly Name: 642a8d83-f8ad-426b-8eed-396205103cab) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2968 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3280 | 3820 | hv-cinder-85505 | S-1-5-83-1-3132136549-1116448424-271542927-503217365 | 9/1/2022 3:14:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic BAB09C65-A6A8-428B-8F6A-2F10D57CFE1D--50C7F344-38B7-4390-BA2F-22C29E75C233 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2967 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3280 | 3820 | hv-cinder-85505 | | 9/1/2022 3:14:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic BAB09C65-A6A8-428B-8F6A-2F10D57CFE1D--50C7F344-38B7-4390-BA2F-22C29E75C233 (Friendly Name: 642a8d83-f8ad-426b-8eed-396205103cab). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2966 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 920 | 1040 | hv-cinder-85505 | S-1-5-83-1-3132136549-1116448424-271542927-503217365 | 9/1/2022 3:14:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BAB09C65-A6A8-428B-8F6A-2F10D57CFE1D--50C7F344-38B7-4390-BA2F-22C29E75C233 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2965 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 920 | 1040 | hv-cinder-85505 | S-1-5-83-1-3132136549-1116448424-271542927-503217365 | 9/1/2022 3:14:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 97AF2CF2-C92A-447E-9166-871CF1CEF791--92F28382-3F9D-4624-A339-96D64BCDDA73 (Friendly Name: fc9c6a96-32e0-4d3f-be15-e0d56fe2afff) successfully connected to port 6E73B922-7775-45A6-BD29-C078441A5F32 (Friendly Name: fc9c6a96-32e0-4d3f-be15-e0d56fe2afff) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2964 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4088 | 4532 | hv-cinder-85505 | S-1-5-83-1-2544839922-1149159722-478635665-2448936689 | 9/1/2022 3:14:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 97AF2CF2-C92A-447E-9166-871CF1CEF791--92F28382-3F9D-4624-A339-96D64BCDDA73 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2963 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4088 | 4532 | hv-cinder-85505 | | 9/1/2022 3:14:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 2993435D-95E5-40D9-8A1E-B8FBA0159239--77531CAB-9ED7-46C3-B9E9-9A2F7C7CADAD (Friendly Name: 8c275910-407f-4260-bbbb-1f2dc5706ef1) successfully connected to port 512ECCF7-20E8-44DD-89C9-C7A1463D493A (Friendly Name: 8c275910-407f-4260-bbbb-1f2dc5706ef1) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2962 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1700 | 4348 | hv-cinder-85505 | S-1-5-83-1-697516893-1088001509-4223147658-965875104 | 9/1/2022 3:14:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 2993435D-95E5-40D9-8A1E-B8FBA0159239--77531CAB-9ED7-46C3-B9E9-9A2F7C7CADAD (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2961 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1700 | 4348 | hv-cinder-85505 | | 9/1/2022 3:14:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic F57E5252-4991-496E-972C-0F26A5138048--0302C087-211B-421C-ABD4-85DFD9684CC9 (Friendly Name: 59be3d95-3e8c-46cc-92e4-3e1d298e00fd). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2960 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1908 | 3172 | hv-cinder-85505 | S-1-5-83-1-4118696530-1231964561-638528663-1216353189 | 9/1/2022 3:14:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC F57E5252-4991-496E-972C-0F26A5138048--0302C087-211B-421C-ABD4-85DFD9684CC9 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2959 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1908 | 3172 | hv-cinder-85505 | S-1-5-83-1-4118696530-1231964561-638528663-1216353189 | 9/1/2022 3:14:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2958 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 3:14:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 2993435D-95E5-40D9-8A1E-B8FBA0159239--77531CAB-9ED7-46C3-B9E9-9A2F7C7CADAD (Friendly Name: 8c275910-407f-4260-bbbb-1f2dc5706ef1). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2957 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4620 | 4060 | hv-cinder-85505 | S-1-5-83-1-697516893-1088001509-4223147658-965875104 | 9/1/2022 3:14:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 2993435D-95E5-40D9-8A1E-B8FBA0159239--77531CAB-9ED7-46C3-B9E9-9A2F7C7CADAD successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2956 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4620 | 4060 | hv-cinder-85505 | S-1-5-83-1-697516893-1088001509-4223147658-965875104 | 9/1/2022 3:14:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC F57E5252-4991-496E-972C-0F26A5138048--0302C087-211B-421C-ABD4-85DFD9684CC9 (Friendly Name: 59be3d95-3e8c-46cc-92e4-3e1d298e00fd) successfully connected to port 11720094-39BB-4BE1-A859-875F7F51A689 (Friendly Name: 59be3d95-3e8c-46cc-92e4-3e1d298e00fd) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2955 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1908 | 3172 | hv-cinder-85505 | S-1-5-83-1-4118696530-1231964561-638528663-1216353189 | 9/1/2022 3:14:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic F57E5252-4991-496E-972C-0F26A5138048--0302C087-211B-421C-ABD4-85DFD9684CC9 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2954 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1908 | 3172 | hv-cinder-85505 | | 9/1/2022 3:14:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 938D813D-63C2-4977-956E-0F5A2577A445--BC008AB3-81B7-4F35-9D77-BD111AF10F71 (Friendly Name: 222e0d83-818c-46cf-89f1-93eb1ab086b0) successfully connected to port 8C175805-8962-4693-B4C4-8B5994ECC728 (Friendly Name: 222e0d83-818c-46cf-89f1-93eb1ab086b0) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2953 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2872 | 3856 | hv-cinder-85505 | S-1-5-83-1-2475524413-1232561090-1510960789-1168406309 | 9/1/2022 3:14:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 938D813D-63C2-4977-956E-0F5A2577A445--BC008AB3-81B7-4F35-9D77-BD111AF10F71 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2952 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2872 | 3856 | hv-cinder-85505 | | 9/1/2022 3:14:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7E4AE854-6260-494D-8A9A-80CCA03E215E--3B700A9B-BD38-4DD3-A286-2AB78F16C7E2 (Friendly Name: 8ca0a0f7-a3e0-4e7f-a68d-e2d30c16e4da) successfully connected to port 6A15D1A4-3B89-4CEC-B9EA-D55C385E6416 (Friendly Name: 8ca0a0f7-a3e0-4e7f-a68d-e2d30c16e4da) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2951 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4032 | 4168 | hv-cinder-85505 | S-1-5-83-1-2118838356-1229808224-3430980234-1579237024 | 9/1/2022 3:13:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 7E4AE854-6260-494D-8A9A-80CCA03E215E--3B700A9B-BD38-4DD3-A286-2AB78F16C7E2 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2950 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4032 | 4168 | hv-cinder-85505 | | 9/1/2022 3:13:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 29D19D35-3D7B-40CA-B2F6-5EE41F73F72B--AB4CD89D-5B40-4051-9A30-5DD39B46E756 (Friendly Name: 59a144ef-d05d-4d8c-9646-a59b50720bb9). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2949 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1460 | 4968 | hv-cinder-85505 | S-1-5-83-1-701603125-1086995835-3831428786-737637151 | 9/1/2022 3:13:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 29D19D35-3D7B-40CA-B2F6-5EE41F73F72B--AB4CD89D-5B40-4051-9A30-5DD39B46E756 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2948 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1460 | 4968 | hv-cinder-85505 | S-1-5-83-1-701603125-1086995835-3831428786-737637151 | 9/1/2022 3:13:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 5C0282A1-E6EC-4556-9058-0B4B2E50849A--7CA0987B-1363-44E5-8E72-09EE168B1D99 (Friendly Name: 5c1a48a0-cb02-4bfe-8ed6-2e468a51159c). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2947 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4440 | 5072 | hv-cinder-85505 | S-1-5-83-1-1543668385-1163323116-1259034768-2592362542 | 9/1/2022 3:13:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 5C0282A1-E6EC-4556-9058-0B4B2E50849A--7CA0987B-1363-44E5-8E72-09EE168B1D99 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2946 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4440 | 5072 | hv-cinder-85505 | S-1-5-83-1-1543668385-1163323116-1259034768-2592362542 | 9/1/2022 3:13:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC BAB09C65-A6A8-428B-8F6A-2F10D57CFE1D--50C7F344-38B7-4390-BA2F-22C29E75C233 (Friendly Name: 642a8d83-f8ad-426b-8eed-396205103cab) successfully connected to port D51DD09E-B69F-4EE7-80BD-22DF23A26696 (Friendly Name: 642a8d83-f8ad-426b-8eed-396205103cab) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2945 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 920 | 3844 | hv-cinder-85505 | S-1-5-83-1-3132136549-1116448424-271542927-503217365 | 9/1/2022 3:13:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic BAB09C65-A6A8-428B-8F6A-2F10D57CFE1D--50C7F344-38B7-4390-BA2F-22C29E75C233 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2944 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 920 | 3844 | hv-cinder-85505 | | 9/1/2022 3:13:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 5C0282A1-E6EC-4556-9058-0B4B2E50849A--7CA0987B-1363-44E5-8E72-09EE168B1D99 (Friendly Name: 5c1a48a0-cb02-4bfe-8ed6-2e468a51159c) successfully connected to port 21AF606F-AD20-438C-B011-DE3664646183 (Friendly Name: 5c1a48a0-cb02-4bfe-8ed6-2e468a51159c) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2943 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4440 | 2204 | hv-cinder-85505 | S-1-5-83-1-1543668385-1163323116-1259034768-2592362542 | 9/1/2022 3:13:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 5C0282A1-E6EC-4556-9058-0B4B2E50849A--7CA0987B-1363-44E5-8E72-09EE168B1D99 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2942 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4440 | 2204 | hv-cinder-85505 | | 9/1/2022 3:13:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 2993435D-95E5-40D9-8A1E-B8FBA0159239--77531CAB-9ED7-46C3-B9E9-9A2F7C7CADAD (Friendly Name: 8c275910-407f-4260-bbbb-1f2dc5706ef1) successfully connected to port 512ECCF7-20E8-44DD-89C9-C7A1463D493A (Friendly Name: 8c275910-407f-4260-bbbb-1f2dc5706ef1) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2941 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4620 | 4656 | hv-cinder-85505 | S-1-5-83-1-697516893-1088001509-4223147658-965875104 | 9/1/2022 3:13:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 2993435D-95E5-40D9-8A1E-B8FBA0159239--77531CAB-9ED7-46C3-B9E9-9A2F7C7CADAD (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2940 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4620 | 4656 | hv-cinder-85505 | | 9/1/2022 3:13:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 6A029582-B115-4043-AAF2-4006E5156931--B3FC5305-2EDD-4C92-AC8B-CCB377019061 (Friendly Name: 5eef0803-9f2b-4eae-abb5-9dfda0339836) successfully connected to port 14024D14-0B8A-4893-98F1-094A4E9F5E14 (Friendly Name: 5eef0803-9f2b-4eae-abb5-9dfda0339836) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2939 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3304 | 1744 | hv-cinder-85505 | S-1-5-83-1-1778554242-1078178069-104919722-828970469 | 9/1/2022 3:12:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 6A029582-B115-4043-AAF2-4006E5156931--B3FC5305-2EDD-4C92-AC8B-CCB377019061 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2938 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3304 | 1744 | hv-cinder-85505 | | 9/1/2022 3:12:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 6A029582-B115-4043-AAF2-4006E5156931--B3FC5305-2EDD-4C92-AC8B-CCB377019061 (Friendly Name: 5eef0803-9f2b-4eae-abb5-9dfda0339836). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2937 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5060 | 4888 | hv-cinder-85505 | S-1-5-83-1-1778554242-1078178069-104919722-828970469 | 9/1/2022 3:12:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 6A029582-B115-4043-AAF2-4006E5156931--B3FC5305-2EDD-4C92-AC8B-CCB377019061 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2936 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5060 | 4888 | hv-cinder-85505 | S-1-5-83-1-1778554242-1078178069-104919722-828970469 | 9/1/2022 3:12:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 2993435D-95E5-40D9-8A1E-B8FBA0159239--77531CAB-9ED7-46C3-B9E9-9A2F7C7CADAD (Friendly Name: 8c275910-407f-4260-bbbb-1f2dc5706ef1). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2935 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4684 | 3840 | hv-cinder-85505 | S-1-5-83-1-697516893-1088001509-4223147658-965875104 | 9/1/2022 3:12:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 2993435D-95E5-40D9-8A1E-B8FBA0159239--77531CAB-9ED7-46C3-B9E9-9A2F7C7CADAD successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2934 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4684 | 3840 | hv-cinder-85505 | S-1-5-83-1-697516893-1088001509-4223147658-965875104 | 9/1/2022 3:12:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2933 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 3:12:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 6A029582-B115-4043-AAF2-4006E5156931--B3FC5305-2EDD-4C92-AC8B-CCB377019061 (Friendly Name: 5eef0803-9f2b-4eae-abb5-9dfda0339836) successfully connected to port 14024D14-0B8A-4893-98F1-094A4E9F5E14 (Friendly Name: 5eef0803-9f2b-4eae-abb5-9dfda0339836) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2932 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5060 | 4412 | hv-cinder-85505 | S-1-5-83-1-1778554242-1078178069-104919722-828970469 | 9/1/2022 3:12:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 6A029582-B115-4043-AAF2-4006E5156931--B3FC5305-2EDD-4C92-AC8B-CCB377019061 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2931 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5060 | 4412 | hv-cinder-85505 | | 9/1/2022 3:12:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 6A029582-B115-4043-AAF2-4006E5156931--B3FC5305-2EDD-4C92-AC8B-CCB377019061 (Friendly Name: 5eef0803-9f2b-4eae-abb5-9dfda0339836). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2930 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3972 | 5108 | hv-cinder-85505 | S-1-5-83-1-1778554242-1078178069-104919722-828970469 | 9/1/2022 3:12:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 6A029582-B115-4043-AAF2-4006E5156931--B3FC5305-2EDD-4C92-AC8B-CCB377019061 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2929 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3972 | 5108 | hv-cinder-85505 | S-1-5-83-1-1778554242-1078178069-104919722-828970469 | 9/1/2022 3:12:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 66B268CF-E0D2-4E1C-B225-A1D6639C5A73--0961B7C1-B44D-489D-B42B-F9A60048CB53 (Friendly Name: 222e0d83-818c-46cf-89f1-93eb1ab086b0). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2928 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1652 | 2208 | hv-cinder-85505 | S-1-5-83-1-1722968271-1310515410-3600885170-1935318115 | 9/1/2022 3:12:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 66B268CF-E0D2-4E1C-B225-A1D6639C5A73--0961B7C1-B44D-489D-B42B-F9A60048CB53 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2927 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1652 | 2208 | hv-cinder-85505 | S-1-5-83-1-1722968271-1310515410-3600885170-1935318115 | 9/1/2022 3:12:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 29D19D35-3D7B-40CA-B2F6-5EE41F73F72B--AB4CD89D-5B40-4051-9A30-5DD39B46E756 (Friendly Name: 59a144ef-d05d-4d8c-9646-a59b50720bb9) successfully connected to port 854CE515-61DA-4B5E-A13D-EC5D5A87CC34 (Friendly Name: 59a144ef-d05d-4d8c-9646-a59b50720bb9) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2926 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1460 | 4692 | hv-cinder-85505 | S-1-5-83-1-701603125-1086995835-3831428786-737637151 | 9/1/2022 3:12:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 29D19D35-3D7B-40CA-B2F6-5EE41F73F72B--AB4CD89D-5B40-4051-9A30-5DD39B46E756 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2925 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1460 | 4692 | hv-cinder-85505 | | 9/1/2022 3:12:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 3DE15B08-A4D5-4386-9DEB-91B644CB3784--FD4A3F63-F5F9-44E2-86BA-F9095EB88E0F (Friendly Name: 0d37043b-9fe8-4ffe-840b-9872dc902ae6) successfully connected to port 4DC89379-EC47-46A4-B585-D441DC02252F (Friendly Name: 0d37043b-9fe8-4ffe-840b-9872dc902ae6) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2924 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4484 | 4812 | hv-cinder-85505 | S-1-5-83-1-1038179080-1132897493-3063016349-2218249028 | 9/1/2022 3:12:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 3DE15B08-A4D5-4386-9DEB-91B644CB3784--FD4A3F63-F5F9-44E2-86BA-F9095EB88E0F (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2923 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4484 | 4812 | hv-cinder-85505 | | 9/1/2022 3:12:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 3DE15B08-A4D5-4386-9DEB-91B644CB3784--FD4A3F63-F5F9-44E2-86BA-F9095EB88E0F (Friendly Name: 0d37043b-9fe8-4ffe-840b-9872dc902ae6). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2922 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3256 | 2572 | hv-cinder-85505 | S-1-5-83-1-1038179080-1132897493-3063016349-2218249028 | 9/1/2022 3:12:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 3DE15B08-A4D5-4386-9DEB-91B644CB3784--FD4A3F63-F5F9-44E2-86BA-F9095EB88E0F successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2921 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3256 | 2572 | hv-cinder-85505 | S-1-5-83-1-1038179080-1132897493-3063016349-2218249028 | 9/1/2022 3:12:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic C5D15E4C-71CE-4E6C-8F65-BFC609EFF967--D77775B1-0319-45CF-A19E-ABE87128C901 (Friendly Name: 6eb17f3c-1ef5-44ea-b1c0-ccbf4b425014). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2920 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1932 | 4296 | hv-cinder-85505 | S-1-5-83-1-3318832716-1315729870-3334432143-1744432905 | 9/1/2022 3:11:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC C5D15E4C-71CE-4E6C-8F65-BFC609EFF967--D77775B1-0319-45CF-A19E-ABE87128C901 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2919 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1932 | 4296 | hv-cinder-85505 | S-1-5-83-1-3318832716-1315729870-3334432143-1744432905 | 9/1/2022 3:11:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 66B268CF-E0D2-4E1C-B225-A1D6639C5A73--0961B7C1-B44D-489D-B42B-F9A60048CB53 (Friendly Name: 222e0d83-818c-46cf-89f1-93eb1ab086b0) successfully connected to port 6CB77A0D-B445-45C0-90EE-178FE8C4C1D1 (Friendly Name: 222e0d83-818c-46cf-89f1-93eb1ab086b0) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2918 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1652 | 4648 | hv-cinder-85505 | S-1-5-83-1-1722968271-1310515410-3600885170-1935318115 | 9/1/2022 3:11:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 66B268CF-E0D2-4E1C-B225-A1D6639C5A73--0961B7C1-B44D-489D-B42B-F9A60048CB53 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2917 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1652 | 4648 | hv-cinder-85505 | | 9/1/2022 3:11:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC C5D15E4C-71CE-4E6C-8F65-BFC609EFF967--D77775B1-0319-45CF-A19E-ABE87128C901 (Friendly Name: 6eb17f3c-1ef5-44ea-b1c0-ccbf4b425014) successfully connected to port 35009EC6-DD37-4A87-A252-5FB1BCCCCACD (Friendly Name: 6eb17f3c-1ef5-44ea-b1c0-ccbf4b425014) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2916 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1932 | 3312 | hv-cinder-85505 | S-1-5-83-1-3318832716-1315729870-3334432143-1744432905 | 9/1/2022 3:11:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic C5D15E4C-71CE-4E6C-8F65-BFC609EFF967--D77775B1-0319-45CF-A19E-ABE87128C901 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2915 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1932 | 3312 | hv-cinder-85505 | | 9/1/2022 3:11:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 3DE15B08-A4D5-4386-9DEB-91B644CB3784--FD4A3F63-F5F9-44E2-86BA-F9095EB88E0F (Friendly Name: 0d37043b-9fe8-4ffe-840b-9872dc902ae6) successfully connected to port 4DC89379-EC47-46A4-B585-D441DC02252F (Friendly Name: 0d37043b-9fe8-4ffe-840b-9872dc902ae6) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2914 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3256 | 2572 | hv-cinder-85505 | S-1-5-83-1-1038179080-1132897493-3063016349-2218249028 | 9/1/2022 3:11:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 3DE15B08-A4D5-4386-9DEB-91B644CB3784--FD4A3F63-F5F9-44E2-86BA-F9095EB88E0F (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2913 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3256 | 2572 | hv-cinder-85505 | | 9/1/2022 3:11:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 2993435D-95E5-40D9-8A1E-B8FBA0159239--77531CAB-9ED7-46C3-B9E9-9A2F7C7CADAD (Friendly Name: 8c275910-407f-4260-bbbb-1f2dc5706ef1) successfully connected to port 512ECCF7-20E8-44DD-89C9-C7A1463D493A (Friendly Name: 8c275910-407f-4260-bbbb-1f2dc5706ef1) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2912 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4684 | 4920 | hv-cinder-85505 | S-1-5-83-1-697516893-1088001509-4223147658-965875104 | 9/1/2022 3:11:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 2993435D-95E5-40D9-8A1E-B8FBA0159239--77531CAB-9ED7-46C3-B9E9-9A2F7C7CADAD (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2911 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4684 | 4920 | hv-cinder-85505 | | 9/1/2022 3:11:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 6A029582-B115-4043-AAF2-4006E5156931--B3FC5305-2EDD-4C92-AC8B-CCB377019061 (Friendly Name: 5eef0803-9f2b-4eae-abb5-9dfda0339836) successfully connected to port 14024D14-0B8A-4893-98F1-094A4E9F5E14 (Friendly Name: 5eef0803-9f2b-4eae-abb5-9dfda0339836) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2910 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3972 | 5108 | hv-cinder-85505 | S-1-5-83-1-1778554242-1078178069-104919722-828970469 | 9/1/2022 3:11:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 6A029582-B115-4043-AAF2-4006E5156931--B3FC5305-2EDD-4C92-AC8B-CCB377019061 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2909 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3972 | 5108 | hv-cinder-85505 | | 9/1/2022 3:11:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Status 0x00001069 determining that device interface \\?\{8e7bd593-6e6c-4c52-86a6-77175494dd8e}#MsVhdHba#1&3030e83&0&01#{2accfe60-c130-11d2-b082-00a0c91efb8b} does not support iSCSI WMI interfaces. If this device is not an iSCSI HBA then this error can be ignored. | 108 | | 0 | 3 | 0 | | 36028797018963968 | 2908 | MSiSCSI | | System | | | hv-cinder-85505 | | 9/1/2022 3:11:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2907 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 604 | hv-cinder-85505 | | 9/1/2022 3:10:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2906 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 3:10:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2905 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 3:10:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2904 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:09:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2903 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:09:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2902 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:09:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2901 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:09:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2900 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:09:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2899 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:09:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2898 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:09:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2897 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:09:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2896 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:09:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2895 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:09:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2894 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:09:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2893 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 604 | hv-cinder-85505 | | 9/1/2022 3:08:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The neutron-hyperv-agent service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2892 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 3:08:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the neutron-hyperv-agent service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2891 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 604 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:08:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The cinder-backup service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2890 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 3976 | hv-cinder-85505 | | 9/1/2022 3:08:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the cinder-backup service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2889 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 3976 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:08:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The cinder-volume service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2888 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 3:08:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the cinder-volume service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2887 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:08:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The nova-compute service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2886 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 604 | hv-cinder-85505 | | 9/1/2022 3:08:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the nova-compute service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2885 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 604 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:08:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2884 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 588 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:08:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Windows Modules Installer service was changed from auto start to demand start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2883 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 3:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Windows Modules Installer service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2882 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 3:08:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2881 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 588 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:08:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2880 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 3:08:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2879 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 588 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:08:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2878 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 588 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:08:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2877 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 588 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 3:08:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2876 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 604 | hv-cinder-85505 | | 9/1/2022 3:08:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic System Host service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2875 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 604 | hv-cinder-85505 | | 9/1/2022 3:04:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2874 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 604 | hv-cinder-85505 | | 9/1/2022 2:54:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2873 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 604 | hv-cinder-85505 | | 9/1/2022 2:53:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2872 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 604 | hv-cinder-85505 | | 9/1/2022 2:52:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2871 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 604 | hv-cinder-85505 | | 9/1/2022 2:46:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2870 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:45:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2869 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:45:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The firewall exception to allow Internet Storage Name Server (iSNS) client functionality is not enabled. iSNS client functionality is not available. | 121 | | 0 | 3 | 0 | | 36028797018963968 | 2868 | MSiSCSI | | System | | | hv-cinder-85505 | | 9/1/2022 2:44:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft iSCSI Initiator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2867 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 604 | hv-cinder-85505 | | 9/1/2022 2:44:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2866 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 604 | hv-cinder-85505 | | 9/1/2022 2:44:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2865 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 604 | hv-cinder-85505 | | 9/1/2022 2:44:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| If Digest support selected for iSCSI Session, Will use Processor support for Digest computation. | 67 | | 16384 | 4 | 0 | | 36028797018963968 | 2864 | iScsiPrt | | System | | | hv-cinder-85505 | | 9/1/2022 2:44:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2863 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:44:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft iSCSI Initiator Service service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2862 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:44:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2861 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:44:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2860 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:44:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2859 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:43:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2858 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:43:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2857 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:43:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2856 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:43:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2855 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:43:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2854 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:43:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2853 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:43:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2852 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:42:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2851 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:42:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2850 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:42:31 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2849 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:41:31 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2848 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:41:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2847 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:41:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2846 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:41:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2845 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:41:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2844 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:41:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2843 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:41:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2842 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:40:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2841 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:40:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2840 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:40:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2839 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:39:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2838 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:39:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2837 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:39:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2836 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:39:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2835 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:39:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2834 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:38:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2833 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:37:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2832 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:37:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2831 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:36:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2830 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:36:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2829 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:36:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2828 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:36:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2827 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:36:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2826 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:35:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2825 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:35:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2824 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:35:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2823 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:35:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2822 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:35:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2821 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:33:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2820 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:33:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2819 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:33:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2818 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:33:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2817 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:32:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2816 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:32:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Account Sign-in Assistant service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2815 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:32:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Registry service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2814 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:32:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The App Readiness service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2813 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:32:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2812 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:31:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2811 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:31:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2810 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 2:30:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2809 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 2:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2808 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:30:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2807 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:30:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2806 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:30:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2805 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 2:30:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Account Sign-in Assistant service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2804 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 2:29:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2803 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 2:29:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2802 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 2:29:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Account Sign-in Assistant service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2801 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:29:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2800 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:29:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2799 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:28:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2798 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:28:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2797 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:28:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2796 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:28:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2795 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:28:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2794 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:28:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2793 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:28:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2792 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:28:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2791 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:28:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2790 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:27:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2789 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:27:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2788 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:27:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Installer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2787 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:27:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2786 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:27:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2785 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1924 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:27:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2784 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 2:27:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2783 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 2:27:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2782 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:27:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2781 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 2:27:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2780 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 2:27:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2779 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:27:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2778 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:26:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2777 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:26:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2776 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:26:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2775 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-20 | 9/1/2022 2:26:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2774 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:26:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The dmwappushsvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2773 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:26:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2772 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:26:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2771 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:26:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2770 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1924 | hv-cinder-85505 | S-1-5-20 | 9/1/2022 2:26:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2769 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:26:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Biometric Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2768 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:26:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2767 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:25:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2766 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:25:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2765 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:25:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2764 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:25:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2763 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:25:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2762 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:25:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2761 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1924 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:25:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2760 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1924 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:25:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->40.119.148.38:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2759 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1420 | 1808 | hv-cinder-85505 | S-1-5-19 | 9/1/2022 2:24:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2758 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1000 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:24:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Downloaded Maps Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2757 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1900 | hv-cinder-85505 | | 9/1/2022 2:24:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2756 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1900 | hv-cinder-85505 | | 9/1/2022 2:24:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2755 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1136 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:24:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->40.119.148.38:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2754 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1420 | 1512 | hv-cinder-85505 | S-1-5-19 | 9/1/2022 2:24:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2753 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1008 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:24:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->40.119.148.38:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2752 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1420 | 1836 | hv-cinder-85505 | S-1-5-19 | 9/1/2022 2:24:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2751 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1008 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:24:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Access Logging Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2750 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1900 | hv-cinder-85505 | | 9/1/2022 2:24:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->40.119.148.38:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2749 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1420 | 1836 | hv-cinder-85505 | S-1-5-19 | 9/1/2022 2:24:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{B9275988-F00C-457C-8AEF-70D383F7911F} (Friendly Name: Microsoft Hyper-V Network Adapter) successfully connected to port 5A417761-AA7C-4749-8846-EAD25879AEC6 (Friendly Name: br-data_External) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2748 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2524 | 2880 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:24:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{B9275988-F00C-457C-8AEF-70D383F7911F} (Friendly Name: Microsoft Hyper-V Network Adapter) is now operational. | 23 | 0 | | 4 | 1016 | 0 | -9223372036854775808 | 2747 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 548 | 2896 | hv-cinder-85505 | | 9/1/2022 2:24:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2746 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 548 | 2896 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:24:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{B9275988-F00C-457C-8AEF-70D383F7911F} (Friendly Name: Microsoft Hyper-V Network Adapter) is no longer operational. | 24 | 0 | | 4 | 1017 | 0 | -9223372036854775808 | 2745 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 548 | 2896 | hv-cinder-85505 | | 9/1/2022 2:24:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{B9275988-F00C-457C-8AEF-70D383F7911F} (Friendly Name: Microsoft Hyper-V Network Adapter) is no longer operational. | 24 | 0 | | 4 | 1017 | 0 | -9223372036854775808 | 2744 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 548 | 2896 | hv-cinder-85505 | | 9/1/2022 2:24:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Protocol NIC /DEVICE/{B9275988-F00C-457C-8AEF-70D383F7911F} (Friendly Name: Microsoft Hyper-V Network Adapter) successfully bound to port (Friendly Name: ) on switch (Friendly Name: ). | 17 | 0 | | 4 | 1012 | 0 | -9223372036854775808 | 2743 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 548 | 2896 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:24:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Successfully updated NIC NDIS QoS with Miniport NIC /DEVICE/{B9275988-F00C-457C-8AEF-70D383F7911F} (Friendly Name: Microsoft Hyper-V Network Adapter) | 191 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2742 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 548 | 2896 | hv-cinder-85505 | | 9/1/2022 2:24:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic /DEVICE/{B9275988-F00C-457C-8AEF-70D383F7911F} (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2741 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 548 | 2896 | hv-cinder-85505 | | 9/1/2022 2:24:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' paused | 10 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2740 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 548 | 2896 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:24:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2739 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 512 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:24:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2738 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 508 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:24:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2737 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 80 | hv-cinder-85505 | | 9/1/2022 2:24:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2736 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 508 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:24:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' is halting | 6 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2735 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 188 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:24:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Isatap interface isatap.openstacklocal is no longer active. | 4201 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2734 | Microsoft-Windows-Iphlpsvc | 66a5c15c-4f8e-4044-bf6e-71d896038977 | System | 548 | 3056 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:24:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' paused | 10 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2733 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 188 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:24:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Transaction Coordinator service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2732 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 2:24:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Downloaded Maps Manager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2731 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 2:24:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Switch 018AE52C-B956-48FC-AA9C-23A04FD6093F (Friendly Name: br-data) successfully initialized. | 9 | 0 | | 4 | 1005 | 0 | -9223372036854775808 | 2730 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2524 | 3392 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:24:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 018AE52C-B956-48FC-AA9C-23A04FD6093F (Friendly Name: br-data) successfully connected to port 018AE52C-B956-48FC-AA9C-23A04FD6093F (Friendly Name: br-data) on switch 018AE52C-B956-48FC-AA9C-23A04FD6093F(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2729 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2524 | 3392 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:24:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 018AE52C-B956-48FC-AA9C-23A04FD6093F (Friendly Name: br-data). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2728 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2524 | 3392 | hv-cinder-85505 | | 9/1/2022 2:24:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic System Host service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2727 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 2:24:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic Policy Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2726 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 2:24:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management concluded the process to install driver wvms_mp.inf_amd64_e1065995a017ab1b\wvms_mp.inf for Device Instance ID ROOT\VMS_VSMP\0000 with the following status: 0x0. | 20001 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2725 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 1696 | 1460 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:24:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A service was installed in the system.
Service Name: VMSMP
Service File Name: \SystemRoot\System32\drivers\vmswitch.sys
Service Type: kernel mode driver
Service Start Type: demand start
Service Account: | 7045 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2724 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:24:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected Devices Platform Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2723 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | | 9/1/2022 2:24:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2722 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1136 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:24:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the neutron-hyperv-agent service was changed from auto start to demand start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2721 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:24:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A service was installed in the system.
Service Name: neutron-hyperv-agent
Service File Name: c:\openstack\bin\OpenStackService.exe neutron-hyperv-agent c:\python38\scripts\neutron-hyperv-agent.exe --config-file c:\openstack\etc\neutron-hyperv-agent.conf
Service Type: user mode service
Service Start Type: auto start
Service Account: LocalSystem | 7045 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2720 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1620 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:24:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the cinder-backup service was changed from auto start to demand start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2719 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1620 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:24:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A service was installed in the system.
Service Name: cinder-backup
Service File Name: c:\openstack\bin\OpenStackService.exe cinder-backup c:\python38\scripts\cinder-backup.exe --config-file c:\openstack\etc\cinder-backup.conf
Service Type: user mode service
Service Start Type: auto start
Service Account: LocalSystem | 7045 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2718 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:24:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the cinder-volume service was changed from auto start to demand start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2717 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:24:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A service was installed in the system.
Service Name: cinder-volume
Service File Name: c:\openstack\bin\OpenStackService.exe cinder-volume c:\python38\scripts\cinder-volume.exe --config-file c:\openstack\etc\cinder-volume.conf
Service Type: user mode service
Service Start Type: auto start
Service Account: LocalSystem | 7045 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2716 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:24:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the nova-compute service was changed from auto start to demand start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2715 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 868 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:24:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A service was installed in the system.
Service Name: nova-compute
Service File Name: c:\openstack\bin\OpenStackService.exe nova-compute c:\python38\scripts\nova-compute.exe --config-file c:\openstack\etc\nova.conf
Service Type: user mode service
Service Start Type: auto start
Service Account: LocalSystem | 7045 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2714 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1612 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:24:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2713 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1136 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:24:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The IKE and AuthIP IPsec Keying Modules service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2712 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1900 | hv-cinder-85505 | | 9/1/2022 2:24:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the IKE and AuthIP IPsec Keying Modules service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2711 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1900 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:24:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2710 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1136 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:24:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2709 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1136 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:24:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2708 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1136 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:24:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The sppsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2707 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1900 | hv-cinder-85505 | | 9/1/2022 2:23:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2706 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1136 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:23:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2022?-?09?-?01T14:23:44.130000000Z from ?2022?-?09?-?01T14:23:44.141709900Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2705 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1420 | 1492 | hv-cinder-85505 | S-1-5-19 | 9/1/2022 2:23:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The cloudbase-init service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2704 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1612 | hv-cinder-85505 | | 9/1/2022 2:23:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2703 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1924 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:23:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PolicyAgent service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2702 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1900 | hv-cinder-85505 | | 9/1/2022 2:23:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| SSL Certificate Settings created by an admin process for endpoint : 0.0.0.0:5986 . | 15301 | 0 | 32768 | 3 | 0 | 0 | 36028797018963968 | 2701 | Microsoft-Windows-HttpEvent | 7b6bc78c-898b-4170-bbf8-1a469ea43fc5 | System | 4 | 1084 | hv-cinder-85505 | | 9/1/2022 2:23:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Reservation for namespace identified by URL prefix https://+:5986/wsman/ was successfully added. | 15007 | 0 | 16384 | 4 | 0 | 0 | 36028797018963968 | 2700 | Microsoft-Windows-HttpEvent | 7b6bc78c-898b-4170-bbf8-1a469ea43fc5 | System | 4 | 1084 | hv-cinder-85505 | | 9/1/2022 2:23:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Reservation for namespace identified by URL prefix https://+:5986/wsman/ was successfully deleted. | 15008 | 0 | 16384 | 4 | 0 | 0 | 36028797018963968 | 2699 | Microsoft-Windows-HttpEvent | 7b6bc78c-898b-4170-bbf8-1a469ea43fc5 | System | 4 | 1084 | hv-cinder-85505 | | 9/1/2022 2:23:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vds service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2698 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1900 | hv-cinder-85505 | | 9/1/2022 2:23:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service stopped. | 4 | | 16896 | 4 | 0 | | 36028797018963968 | 2697 | Virtual Disk Service | | System | | | hv-cinder-85505 | | 9/1/2022 2:23:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vds service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2696 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1900 | hv-cinder-85505 | | 9/1/2022 2:23:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service started. | 3 | | 16896 | 4 | 0 | | 36028797018963968 | 2695 | Virtual Disk Service | | System | | | hv-cinder-85505 | | 9/1/2022 2:23:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\Admin SID (S-1-5-21-1369941132-3045250952-1280987972-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2694 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1136 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1001 | 9/1/2022 2:23:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The name "HV-CINDER-85505:0" could not be registered on the interface with IP address 192.168.0.24. The computer with the IP address 192.168.0.50 did not allow the name to be claimed by this computer. | 4321 | | 49152 | 2 | 0 | | 36028797018963968 | 2693 | NetBT | | System | | | hv-cinder-85505 | | 9/1/2022 2:23:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TBS device identifier has been generated. | 1282 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2692 | Microsoft-Windows-TPM-WMI | 7d5387b0-cbe0-11da-a94d-0800200c9a66 | System | 2564 | 3980 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:23:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time service is now synchronizing the system time with the time source time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->40.119.148.38:123). | 35 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2691 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1420 | 1516 | hv-cinder-85505 | S-1-5-19 | 9/1/2022 2:22:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\cloudbase-init SID (S-1-5-21-1369941132-3045250952-1280987972-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2690 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1136 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1000 | 9/1/2022 2:22:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TrustedInstaller service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2689 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1900 | hv-cinder-85505 | | 9/1/2022 2:22:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcaSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2688 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1900 | hv-cinder-85505 | | 9/1/2022 2:22:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy settings for the computer were processed successfully. New settings from 1 Group Policy objects were detected and applied. | 1502 | 0 | | 4 | 0 | 1 | -9223372036854775808 | 2687 | Microsoft-Windows-GroupPolicy | aea1b4fa-97d1-45f2-a64c-4d69fffd92c9 | System | 548 | 3412 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:53 PM | e0fde29d-edb2-4dab-a70e-67dc51e45a4c | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Start | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected Devices Platform Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2686 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1612 | hv-cinder-85505 | | 9/1/2022 2:22:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wuauserv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2685 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1612 | hv-cinder-85505 | | 9/1/2022 2:22:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The cloudbase-init service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2684 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1612 | hv-cinder-85505 | | 9/1/2022 2:22:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HV-CINDER-85505\cloudbase-init SID (S-1-5-21-1369941132-3045250952-1280987972-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2683 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 952 | 1876 | hv-cinder-85505 | S-1-5-21-1369941132-3045250952-1280987972-1000 | 9/1/2022 2:22:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LicenseManager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2682 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1900 | hv-cinder-85505 | | 9/1/2022 2:22:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| This event triggers the TBS device identifier generation. | 1281 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2681 | Microsoft-Windows-TPM-WMI | 7d5387b0-cbe0-11da-a94d-0800200c9a66 | System | 548 | 2888 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SessionEnv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2680 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1900 | hv-cinder-85505 | | 9/1/2022 2:22:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Certificate Propagation service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2679 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1900 | hv-cinder-85505 | | 9/1/2022 2:22:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The UmRdpService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2678 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:22:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The name "HV-CINDER-85505:0" could not be registered on the interface with IP address 10.222.0.71. The computer with the IP address 10.222.0.65 did not allow the name to be claimed by this computer. | 4321 | | 49152 | 2 | 0 | | 36028797018963968 | 2677 | NetBT | | System | | | hv-cinder-85505 | | 9/1/2022 2:22:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A new self signed certificate to be used for RD Session Host Server authentication on SSL connections was generated. The name on this certificate is hv-cinder-85505. The SHA1 hash of the certificate is in the event data. | 1056 | 0 | 49152 | 4 | 0 | 0 | 36028797018963968 | 2676 | Microsoft-Windows-TerminalServices-RemoteConnectionManager | c76baa63-ae81-421c-b425-340b4b24157f | System | 0 | 0 | hv-cinder-85505 | | 9/1/2022 2:22:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the cloudbase-init service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2675 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1612 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TermService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2674 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1612 | hv-cinder-85505 | | 9/1/2022 2:22:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmcompute service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2673 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1612 | hv-cinder-85505 | | 9/1/2022 2:22:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The KeyIso service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2672 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:22:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The swprv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2671 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:22:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ClipSVC service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2670 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:22:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The name "HV-CINDER-85505:0" could not be registered on the interface with IP address 10.222.0.71. The computer with the IP address 10.222.0.65 did not allow the name to be claimed by this computer. | 4321 | | 49152 | 2 | 0 | | 36028797018963968 | 2669 | NetBT | | System | | | hv-cinder-85505 | | 9/1/2022 2:22:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The name "HV-CINDER-85505:0" could not be registered on the interface with IP address 192.168.0.24. The computer with the IP address 192.168.0.50 did not allow the name to be claimed by this computer. | 4321 | | 49152 | 2 | 0 | | 36028797018963968 | 2668 | NetBT | | System | | | hv-cinder-85505 | | 9/1/2022 2:22:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2667 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 32 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DmEnrollmentSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2666 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:22:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DmEnrollmentSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2665 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:22:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Isatap interface isatap.openstacklocal with address fe80::5efe:10.222.0.71 has been brought up. | 4200 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2664 | Microsoft-Windows-Iphlpsvc | 66a5c15c-4f8e-4044-bf6e-71d896038977 | System | 548 | 2756 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Isatap interface isatap.openstacklocal with address fe80::5efe:192.168.0.24 has been brought up. | 4200 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2663 | Microsoft-Windows-Iphlpsvc | 66a5c15c-4f8e-4044-bf6e-71d896038977 | System | 548 | 2756 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wlidsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2662 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1900 | hv-cinder-85505 | | 9/1/2022 2:22:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (Version 10.0, ?1978?-?03?-?07T02:59:33.000000000Z) unloaded successfully. | 1 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2661 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 508 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The name "HV-CINDER-85505:0" could not be registered on the interface with IP address 10.222.0.71. The computer with the IP address 10.222.0.65 did not allow the name to be claimed by this computer. | 4321 | | 49152 | 2 | 0 | | 36028797018963968 | 2660 | NetBT | | System | | | hv-cinder-85505 | | 9/1/2022 2:22:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The name "HV-CINDER-85505:0" could not be registered on the interface with IP address 192.168.0.24. The computer with the IP address 192.168.0.50 did not allow the name to be claimed by this computer. | 4321 | | 49152 | 2 | 0 | | 36028797018963968 | 2659 | NetBT | | System | | | hv-cinder-85505 | | 9/1/2022 2:22:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinDefend service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2658 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1900 | hv-cinder-85505 | | 9/1/2022 2:22:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmms service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2657 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:22:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The following boot-start or system-start driver(s) did not load:
dam | 7026 | 0 | 49152 | 4 | 0 | 0 | -9187343239835811840 | 2656 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 804 | hv-cinder-85505 | | 9/1/2022 2:22:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DiagTrack service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2655 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1900 | hv-cinder-85505 | | 9/1/2022 2:22:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2654 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1900 | hv-cinder-85505 | | 9/1/2022 2:22:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WpnService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2653 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1612 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The iphlpsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2652 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1900 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->40.119.148.38:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2651 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1420 | 1512 | hv-cinder-85505 | S-1-5-19 | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The name "HV-CINDER-85505:20" could not be registered on the interface with IP address 10.222.0.71. The computer with the IP address 10.222.0.65 did not allow the name to be claimed by this computer. | 4321 | | 49152 | 2 | 0 | | 36028797018963968 | 2650 | NetBT | | System | | | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The name "HV-CINDER-85505:20" could not be registered on the interface with IP address 192.168.0.24. The computer with the IP address 192.168.0.50 did not allow the name to be claimed by this computer. | 4321 | | 49152 | 2 | 0 | | 36028797018963968 | 2649 | NetBT | | System | | | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanServer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2648 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1612 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MpsSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2647 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1612 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RemoteRegistry service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2646 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1612 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WLMS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2645 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TrkWks service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2644 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1656 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PcaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2643 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1548 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The UserManager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2642 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1548 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TimeBrokerSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2641 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1704 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Spooler service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2640 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1548 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SamSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2639 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1896 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Schedule service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2638 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1896 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BFE service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2637 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1896 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanWorkstation service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2636 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The name "HV-CINDER-85505:0" could not be registered on the interface with IP address 192.168.0.24. The computer with the IP address 192.168.0.50 did not allow the name to be claimed by this computer. | 4321 | | 49152 | 2 | 0 | | 36028797018963968 | 2635 | NetBT | | System | | | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WbioSrvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2634 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The FontCache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2633 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wudfsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2632 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1644 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Wcmsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2631 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1644 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ShellHWDetection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2630 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1644 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinTarget service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2629 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service is listening for WS-Management requests.
User Action
Use the following command to see the specific IPs on which WinRM is listening:
winrm enumerate winrm/config/listener | 10148 | 0 | 7 | 4 | 0 | 0 | 36028797018963968 | 2628 | Microsoft-Windows-WinRM | a7975c8f-ac13-49f1-87da-5a984a4ab417 | System | 0 | 0 | hv-cinder-85505 | | 9/1/2022 2:22:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server could not bind to the transport \Device\NetBT_Tcpip_{C02FB3B5-F9A8-425B-AE01-661E7780FBE4} because another computer on the network has the same name. The server could not start. | 2505 | | 49152 | 2 | 0 | | 36028797018963968 | 2627 | Server | | System | | | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server could not bind to the transport \Device\NetBT_Tcpip_{B9275988-F00C-457C-8AEF-70D383F7911F} because another computer on the network has the same name. The server could not start. | 2505 | | 49152 | 2 | 0 | | 36028797018963968 | 2626 | Server | | System | | | hv-cinder-85505 | | 9/1/2022 2:22:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VSS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2625 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:22:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Winmgmt service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2624 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1644 | hv-cinder-85505 | | 9/1/2022 2:22:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WPDBusEnum service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2623 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1644 | hv-cinder-85505 | | 9/1/2022 2:22:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicvss service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2622 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:22:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicheartbeat service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2621 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:22:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The gpsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2620 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:22:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicrdv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2619 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:22:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SENS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2618 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:22:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Themes service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2617 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:22:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventSystem service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2616 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1644 | hv-cinder-85505 | | 9/1/2022 2:22:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'storqosflt' (10.0, ?2018?-?01?-?01T04:48:05.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2615 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 512 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinHttpAutoProxySvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2614 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1704 | hv-cinder-85505 | | 9/1/2022 2:22:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'wcifs' (10.0, ?2018?-?01?-?01T04:48:57.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2613 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 512 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'luafv' (10.0, ?2017?-?11?-?01T22:09:40.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2612 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 512 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppReadiness service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2611 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1548 | hv-cinder-85505 | | 9/1/2022 2:22:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcbService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2610 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1548 | hv-cinder-85505 | | 9/1/2022 2:22:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2022?-?09?-?01T14:22:42.450000000Z from ?2022?-?09?-?01T14:22:41.897419100Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2609 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1428 | 1940 | hv-cinder-85505 | S-1-5-19 | 9/1/2022 2:22:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmickvpexchange service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2608 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1548 | hv-cinder-85505 | | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmictimesync service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2607 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1548 | hv-cinder-85505 | | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicshutdown service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2606 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1928 | hv-cinder-85505 | | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DsmSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2605 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1656 | hv-cinder-85505 | | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ProfSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2604 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1656 | hv-cinder-85505 | | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The netprofm service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2603 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1656 | hv-cinder-85505 | | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dnscache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2602 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1656 | hv-cinder-85505 | | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The HvHost service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2601 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1656 | hv-cinder-85505 | | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The lmhosts service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2600 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NlaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2599 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | hv-cinder-85505 | | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BrokerInfrastructure service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2598 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1548 | hv-cinder-85505 | | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dhcp service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2597 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1548 | hv-cinder-85505 | | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is started | 51046 | 0 | | 4 | 4 | 62 | 2305843009213693952 | 2596 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 1428 | 1564 | hv-cinder-85505 | S-1-5-19 | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is started | 50036 | 0 | | 4 | 4 | 68 | 2305843009213693952 | 2595 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 1428 | 1532 | hv-cinder-85505 | S-1-5-19 | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The nsi service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2594 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | hv-cinder-85505 | | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventLog service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2593 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | hv-cinder-85505 | | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The W32Time service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2592 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | hv-cinder-85505 | | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CryptSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2591 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | hv-cinder-85505 | | 9/1/2022 2:22:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Successfully logged OS information | 2004 | 0 | | 4 | 4000 | 0 | 2305983746702049280 | 2590 | Microsoft-Windows-Setup | 75ebc33e-997f-49cf-b49f-ecc50184b75d | System | 1172 | 1176 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | OS information | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The tiledatamodelsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2589 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | hv-cinder-85505 | | 9/1/2022 2:22:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppXSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2588 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | hv-cinder-85505 | | 9/1/2022 2:22:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The StateRepository service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2587 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | hv-cinder-85505 | | 9/1/2022 2:22:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The dmwappushservice service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2586 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | hv-cinder-85505 | | 9/1/2022 2:22:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CoreMessagingRegistrar service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2585 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | hv-cinder-85505 | | 9/1/2022 2:22:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetSetupSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2584 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | hv-cinder-85505 | | 9/1/2022 2:22:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DeviceInstall service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2583 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | hv-cinder-85505 | | 9/1/2022 2:22:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SystemEventsBroker service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2582 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | hv-cinder-85505 | | 9/1/2022 2:22:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The sppsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2581 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | hv-cinder-85505 | | 9/1/2022 2:22:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LSM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2580 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | hv-cinder-85505 | | 9/1/2022 2:22:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2579 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 876 | hv-cinder-85505 | | 9/1/2022 2:22:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcEptMapper service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2578 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:22:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DcomLaunch service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2577 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:22:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Power service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2576 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:22:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PlugPlay service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2575 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 880 | hv-cinder-85505 | | 9/1/2022 2:22:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Remote calls to the SAM database are being restricted using the default security descriptor: O:SYG:SYD:(A;;RC;;;BA).
For more information please see http://go.microsoft.com/fwlink/?LinkId=787651. | 16962 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2574 | Microsoft-Windows-Directory-Services-SAM | 0d4fdc09-8c27-494a-bda0-505e4fd8adae | System | 816 | 820 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:26 PM | 3e9c122a-be0e-0002-3012-9c3e0ebed801 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Credential Guard (LsaIso.exe) configuration: 0x0, 0 | 14 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 2573 | Microsoft-Windows-Wininit | 206f6dea-d3c5-4d10-bc72-989f03c8b84b | System | 688 | 692 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2572 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 508 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2571 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2570 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter #2' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2569 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 384 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2568 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | hv-cinder-85505 | | 9/1/2022 2:22:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2567 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | hv-cinder-85505 | | 9/1/2022 2:22:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 5 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2566 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 4 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2565 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 3 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2564 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 2 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2563 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 1 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2562 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 0 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2561 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2560 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2559 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 384 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system has been constrained to a periodic tick
Reason: No HW support. | 508 | 0 | | 4 | 159 | 0 | -9223372036854774780 | 2558 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 8 | hv-cinder-85505 | | 9/1/2022 2:22:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Connectivity state in standby: Disconnected, Reason: NIC compliance | 172 | 0 | | 4 | 203 | 0 | -9223372036854774780 | 2557 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 228 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'npsvctrig' (10.0, ?2016?-?07?-?16T02:28:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2556 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The service entered the Driver load complete state. | 7036 | | 16384 | 4 | 0 | | 36028797018963968 | 2555 | VfpExt | | System | | | hv-cinder-85505 | | 9/1/2022 2:22:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'FileCrypt' (10.0, ?2016?-?07?-?16T02:22:39.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2554 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Volume C: (\Device\HarddiskVolume1) is healthy. No action is needed. | 98 | 0 | | 4 | 0 | 0 | -9223372036854775806 | 2553 | Microsoft-Windows-Ntfs | 3ff37a1c-a68d-4d6e-8c9b-f79e8b16c482 | System | 4 | 228 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2552 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'Wof' (10.0, ?2017?-?10?-?09T01:58:20.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2551 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Secure Kernel started with status STATUS_SUCCESS and flags 0. | 3 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2550 | Microsoft-Windows-IsolatedUserMode | 73a33ab2-1966-4999-8add-868c41415269 | System | 4 | 8 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor initialized I/O remapping.
Hardware present: false
Hardware enabled: false
Policy: 0x0
Enabled features: 0x0
Internal information: 0x0
Problems: 0x0
Additional information: 0x0 | 129 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2549 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor scheduler type is 0x1. | 2 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2548 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor successfully started. | 1 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2547 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The bootmgr spent 0 ms waiting for user input. | 32 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2546 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| There are 0x1 boot options on this system. | 18 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2545 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot menu policy was 0x0. | 25 | 0 | | 4 | 32 | 0 | -9223372036854775808 | 2544 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot type was 0x0. | 27 | 1 | | 4 | 33 | 0 | -9223372036854775808 | 2543 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The last shutdown's success status was true. The last boot's success status was true. | 20 | 0 | | 4 | 31 | 0 | -9223372036854775808 | 2542 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Virtualization Based Security (policies: VBS Enabled,VSM Required,Boot Chain Signer Soft Enforced) is enabled due to HyperV with status STATUS_SUCCESS. | 153 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2541 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system started at system time ?2022?-?09?-?01T14:22:19.497756500Z. | 12 | 0 | | 4 | 1 | 0 | -9223372036854775680 | 2540 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 8 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system is shutting down at system time ?2022?-?09?-?01T14:22:12.375128200Z. | 13 | 0 | | 4 | 2 | 0 | -9223372036854775680 | 2539 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 1784 | hv-cinder-85505 | | 9/1/2022 2:22:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Connection Broker service terminated with the following error:
A device attached to the system is not functioning. | 7023 | 0 | 49152 | 2 | 0 | 0 | -9187343239835811840 | 2538 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 900 | hv-cinder-85505 | | 9/1/2022 2:22:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Connection Broker service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2537 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 900 | hv-cinder-85505 | | 9/1/2022 2:22:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server {A47979D2-C419-11D9-A5B4-001185AD2B89} did not register with DCOM within the required timeout. | 10010 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2536 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 964 | 1016 | hv-cinder-85505 | S-1-5-18 | 9/1/2022 2:22:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The kernel power manager has initiated a shutdown transition.
Shutdown Reason: Kernel API | 109 | 0 | | 4 | 103 | 0 | -9223301668110597116 | 2535 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 700 | 704 | hv-cinder-85505 | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Defender Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2534 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 900 | hv-cinder-85505 | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system uptime is 21 seconds. | 6013 | | 32768 | 4 | 0 | | 36028797018963968 | 2533 | EventLog | | System | | | hv-cinder-85505 | | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was started. | 6005 | | 32768 | 4 | 0 | | 36028797018963968 | 2532 | EventLog | | System | | | hv-cinder-85505 | | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Microsoft (R) Windows (R) 10.00. 14393 Multiprocessor Free. | 6009 | | 32768 | 4 | 0 | | 36028797018963968 | 2531 | EventLog | | System | | | hv-cinder-85505 | | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetBIOS name and DNS host name of this machine have been changed from WIN-BTS7D5MTMQT to HV-CINDER-85505. | 6011 | | 32768 | 4 | 0 | | 36028797018963968 | 2530 | EventLog | | System | | | hv-cinder-85505 | | 9/1/2022 2:22:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Task Scheduler service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2529 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 900 | hv-cinder-85505 | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Remote Management (WS-Management) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2528 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 900 | hv-cinder-85505 | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Event Log service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2527 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 900 | hv-cinder-85505 | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Cryptographic Services service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2526 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 900 | hv-cinder-85505 | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The State Repository Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2525 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 900 | hv-cinder-85505 | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Connection Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2524 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 900 | hv-cinder-85505 | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Management Instrumentation service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2523 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 900 | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2522 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1396 | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Volume Shadow Copy service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2521 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1396 | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Font Cache Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2520 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1396 | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Program Compatibility Assistant Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2519 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1396 | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Profile Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2518 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 900 | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Link Tracking Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2517 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 876 | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2516 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 876 | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DHCP Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2515 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1300 | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Time service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2514 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 900 | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is stopped. ShutDown Flag value is 1 | 50037 | 0 | | 4 | 4 | 69 | 2305843009213693952 | 2513 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 1312 | 1576 | WIN-5T344G8GM1H | S-1-5-19 | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2022?-?09?-?01T14:22:11.609000000Z from ?2022?-?09?-?01T14:22:11.619271100Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2512 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1488 | 2252 | WIN-5T344G8GM1H | S-1-5-19 | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is stopped. ShutDown Flag value is 1 | 51047 | 0 | | 4 | 4 | 63 | 2305843009213693952 | 2511 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 1312 | 1656 | WIN-5T344G8GM1H | S-1-5-19 | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Licensing Monitoring Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2510 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 900 | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Plug and Play service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2509 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1264 | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Install Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2508 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 892 | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The HV Host Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2507 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 896 | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2506 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 896 | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected User Experiences and Telemetry service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2505 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 888 | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was stopped. | 6006 | | 32768 | 4 | 0 | | 36028797018963968 | 2504 | EventLog | | System | | | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service is not listening for WS-Management requests.
User Action
If you did not intentionally stop the service, use the following command to see the WinRM configuration:
winrm enumerate winrm/config/listener | 10149 | 0 | 7 | 3 | 0 | 0 | 36028797018963968 | 2503 | Microsoft-Windows-WinRM | a7975c8f-ac13-49f1-87da-5a984a4ab417 | System | 0 | 0 | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Volume Shadow Copy Requestor service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2502 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 888 | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2501 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1396 | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2500 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 888 | WIN-5T344G8GM1H | | 9/1/2022 2:22:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Virtual Machine Management service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2499 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 888 | WIN-5T344G8GM1H | | 9/1/2022 2:22:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The process C:\windows\system32\winlogon.exe (WIN-5T344G8GM1H) has initiated the restart of computer WIN-BTS7D5MTMQT on behalf of user NT AUTHORITY\SYSTEM for the following reason: Operating System: Upgrade (Planned)
Reason Code: 0x80020003
Shutdown Type: restart
Comment: | 1074 | 0 | 32768 | 4 | 0 | 0 | -9187343239835811840 | 2498 | User32 | b0aa8734-56f7-41cc-b2f4-de228e98b946 | System | 612 | 1320 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:22:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Virtual Disk service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2497 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 888 | WIN-5T344G8GM1H | | 9/1/2022 2:22:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service stopped. | 4 | | 16896 | 4 | 0 | | 36028797018963968 | 2496 | Virtual Disk Service | | System | | | WIN-5T344G8GM1H | | 9/1/2022 2:22:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Virtual Disk service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2495 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1396 | WIN-5T344G8GM1H | | 9/1/2022 2:22:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service started. | 3 | | 16896 | 4 | 0 | | 36028797018963968 | 2494 | Virtual Disk Service | | System | | | WIN-5T344G8GM1H | | 9/1/2022 2:22:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2493 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1396 | WIN-5T344G8GM1H | | 9/1/2022 2:21:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hive \??\C:\windows\System32\SMI\Store\Machine\SCHEMA.DAT was reorganized with a starting size of 12853248 bytes and an ending size of 11681792 bytes. | 15 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2492 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1188 | 1192 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hive \??\C:\windows\System32\config\COMPONENTS was reorganized with a starting size of 71872512 bytes and an ending size of 56864768 bytes. | 15 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2491 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1188 | 1192 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:31 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time service is now synchronizing the system time with the time source time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->40.119.148.38:123). | 35 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2490 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1488 | 1796 | WIN-5T344G8GM1H | S-1-5-19 | 9/1/2022 2:21:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Windows.PrintDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2489 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1044 | 2920 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Windows.MiracastView_6.3.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2488 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1044 | 2920 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2487 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1044 | 2920 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxGameCallableUI_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2486 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1044 | 2920 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.1715_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2485 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1044 | 2920 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.SecondaryTileExperience_10.0.0.0_neutral__cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2484 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1044 | 2920 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2483 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1044 | 2920 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.CloudExperienceHost_10.0.14393.1066_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2482 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1044 | 2920 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.AssignedAccessLockApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2481 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1044 | 2920 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Apprep.ChxApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2480 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1044 | 2920 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2479 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1044 | 2920 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.BioEnrollment_10.0.14393.0_neutral__cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2478 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1044 | 2920 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.1715_neutral__cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2477 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1044 | 2920 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2476 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1044 | 2920 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\windows\AppCompat\Programs\Amcache.hve was cleared updating 629 keys and creating 196 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2475 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 2100 | 2468 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management concluded the process to install driver wvmbusvideo.inf_amd64_1f06cc897822eef5\wvmbusvideo.inf for Device Instance ID VMBUS\{DA0A7802-E377-4AAC-8E77-0558EB1073F8}\{5620E0C7-8062-4DCE-AEB7-520C7EF76171} with the following status: 0x0. | 20001 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2474 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2560 | 2616 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management has concluded the process to add Service HyperVideo for Device Instance ID VMBUS\{DA0A7802-E377-4AAC-8E77-0558EB1073F8}\{5620E0C7-8062-4DCE-AEB7-520C7EF76171} with the following status: 0. | 20003 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2473 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2560 | 2616 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management concluded the process to install driver msports.inf_amd64_280f71b0b084cc3b\msports.inf for Device Instance ID ACPI\PNP0501\2 with the following status: 0x0. | 20001 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2472 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2568 | 2620 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management has concluded the process to add Service Serenum for Device Instance ID ACPI\PNP0501\2 with the following status: 0. | 20003 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2471 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2568 | 2620 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management has concluded the process to add Service Serial for Device Instance ID ACPI\PNP0501\2 with the following status: 0. | 20003 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2470 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2568 | 2620 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management concluded the process to install driver msports.inf_amd64_280f71b0b084cc3b\msports.inf for Device Instance ID ACPI\PNP0501\1 with the following status: 0x0. | 20001 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2469 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2552 | 2612 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Host Compute Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2468 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1396 | WIN-5T344G8GM1H | | 9/1/2022 2:21:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management has concluded the process to add Service Serenum for Device Instance ID ACPI\PNP0501\1 with the following status: 0. | 20003 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2467 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2552 | 2612 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Account Sign-in Assistant service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2466 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1300 | WIN-5T344G8GM1H | | 9/1/2022 2:21:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management has concluded the process to add Service Serial for Device Instance ID ACPI\PNP0501\1 with the following status: 0. | 20003 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2465 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2552 | 2612 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->40.119.148.38:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2464 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1488 | 1512 | WIN-5T344G8GM1H | S-1-5-19 | 9/1/2022 2:21:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2463 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 32 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (Version 10.0, ?1978?-?03?-?07T02:59:33.000000000Z) unloaded successfully. | 1 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2462 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 136 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinDefend service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2461 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1292 | WIN-5T344G8GM1H | | 9/1/2022 2:21:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmms service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2460 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1292 | WIN-5T344G8GM1H | | 9/1/2022 2:21:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The following boot-start or system-start driver(s) did not load:
dam | 7026 | 0 | 49152 | 4 | 0 | 0 | -9187343239835811840 | 2459 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 816 | WIN-5T344G8GM1H | | 9/1/2022 2:21:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DiagTrack service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2458 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 888 | WIN-5T344G8GM1H | | 9/1/2022 2:21:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WpnService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2457 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 888 | WIN-5T344G8GM1H | | 9/1/2022 2:21:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinTarget service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2456 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 888 | WIN-5T344G8GM1H | | 9/1/2022 2:21:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2455 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1396 | WIN-5T344G8GM1H | | 9/1/2022 2:21:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanServer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2454 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1396 | WIN-5T344G8GM1H | | 9/1/2022 2:21:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The UserManager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2453 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1396 | WIN-5T344G8GM1H | | 9/1/2022 2:21:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TimeBrokerSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2452 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1416 | WIN-5T344G8GM1H | | 9/1/2022 2:21:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CryptSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2451 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1416 | WIN-5T344G8GM1H | | 9/1/2022 2:21:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WLMS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2450 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1396 | WIN-5T344G8GM1H | | 9/1/2022 2:21:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The W32Time service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2449 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 900 | WIN-5T344G8GM1H | | 9/1/2022 2:21:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The iphlpsvc service terminated with the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. | 7023 | 0 | 49152 | 2 | 0 | 0 | -9187343239835811840 | 2448 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1396 | WIN-5T344G8GM1H | | 9/1/2022 2:21:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The iphlpsvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2447 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1396 | WIN-5T344G8GM1H | | 9/1/2022 2:21:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RemoteRegistry service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2446 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 892 | WIN-5T344G8GM1H | | 9/1/2022 2:21:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PcaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2445 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1268 | WIN-5T344G8GM1H | | 9/1/2022 2:21:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TrkWks service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2444 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 896 | WIN-5T344G8GM1H | | 9/1/2022 2:21:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Spooler service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2443 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 900 | WIN-5T344G8GM1H | | 9/1/2022 2:21:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SamSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2442 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 900 | WIN-5T344G8GM1H | | 9/1/2022 2:21:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MpsSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2441 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 900 | WIN-5T344G8GM1H | | 9/1/2022 2:21:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BFE service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2440 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 900 | WIN-5T344G8GM1H | | 9/1/2022 2:21:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service is listening for WS-Management requests.
User Action
Use the following command to see the specific IPs on which WinRM is listening:
winrm enumerate winrm/config/listener | 10148 | 0 | 7 | 4 | 0 | 0 | 36028797018963968 | 2439 | Microsoft-Windows-WinRM | a7975c8f-ac13-49f1-87da-5a984a4ab417 | System | 0 | 0 | WIN-5T344G8GM1H | | 9/1/2022 2:21:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Schedule service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2438 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1264 | WIN-5T344G8GM1H | | 9/1/2022 2:21:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanWorkstation service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2437 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 900 | WIN-5T344G8GM1H | | 9/1/2022 2:21:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinHttpAutoProxySvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2436 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1396 | WIN-5T344G8GM1H | | 9/1/2022 2:21:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The FontCache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2435 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 900 | WIN-5T344G8GM1H | | 9/1/2022 2:21:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WbioSrvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2434 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1268 | WIN-5T344G8GM1H | | 9/1/2022 2:21:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wudfsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2433 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1268 | WIN-5T344G8GM1H | | 9/1/2022 2:21:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Wcmsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2432 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1300 | WIN-5T344G8GM1H | | 9/1/2022 2:21:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The netprofm service terminated with the following error:
The device is not ready. | 7023 | 0 | 49152 | 2 | 0 | 0 | -9187343239835811840 | 2431 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1268 | WIN-5T344G8GM1H | | 9/1/2022 2:21:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The netprofm service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2430 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1268 | WIN-5T344G8GM1H | | 9/1/2022 2:21:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ShellHWDetection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2429 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1268 | WIN-5T344G8GM1H | | 9/1/2022 2:21:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinTarget service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2428 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1264 | WIN-5T344G8GM1H | | 9/1/2022 2:21:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dnscache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2427 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1300 | WIN-5T344G8GM1H | | 9/1/2022 2:21:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NlaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2426 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1396 | WIN-5T344G8GM1H | | 9/1/2022 2:21:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ProfSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2425 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1388 | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SENS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2424 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1388 | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Winmgmt service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2423 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1388 | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dhcp service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2422 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1388 | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is started | 51046 | 0 | | 4 | 4 | 62 | 2305843009213693952 | 2421 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 1312 | 1656 | WIN-5T344G8GM1H | S-1-5-19 | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VSS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2420 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1300 | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is started | 50036 | 0 | | 4 | 4 | 68 | 2305843009213693952 | 2419 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 1312 | 1576 | WIN-5T344G8GM1H | S-1-5-19 | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicheartbeat service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2418 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1300 | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicrdv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2417 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1300 | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The gpsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2416 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1300 | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Themes service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2415 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1300 | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The nsi service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2414 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1300 | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WPDBusEnum service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2413 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1300 | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventLog service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2412 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1268 | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicvss service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2411 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1268 | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventSystem service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2410 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 896 | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'storqosflt' (10.0, ?2018?-?01?-?01T04:48:05.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2409 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 592 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'wcifs' (10.0, ?2018?-?01?-?01T04:48:57.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2408 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 592 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'luafv' (10.0, ?2017?-?11?-?01T22:09:40.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2407 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 592 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2022?-?09?-?01T14:21:11.525000000Z from ?2022?-?09?-?01T14:21:11.307150200Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2406 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1312 | 1432 | WIN-5T344G8GM1H | S-1-5-19 | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmickvpexchange service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2405 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1264 | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicshutdown service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2404 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1264 | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmictimesync service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2403 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1416 | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The lmhosts service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2402 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1268 | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The HvHost service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2401 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1300 | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DsmSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2400 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 1292 | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \SystemRoot\System32\Config\BBI was cleared updating 10 keys and creating 2 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2399 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 916 | 1020 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BrokerInfrastructure service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2398 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 896 | WIN-5T344G8GM1H | | 9/1/2022 2:21:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The tiledatamodelsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2397 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 896 | WIN-5T344G8GM1H | | 9/1/2022 2:21:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppXSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2396 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 896 | WIN-5T344G8GM1H | | 9/1/2022 2:21:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2395 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 596 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter #2' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2394 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 588 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2393 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | WIN-5T344G8GM1H | | 9/1/2022 2:21:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2392 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 588 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2391 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 584 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2390 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2389 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | WIN-5T344G8GM1H | | 9/1/2022 2:21:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The StateRepository service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2388 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 896 | WIN-5T344G8GM1H | | 9/1/2022 2:21:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2387 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The dmwappushservice service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2386 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 896 | WIN-5T344G8GM1H | | 9/1/2022 2:21:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CoreMessagingRegistrar service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2385 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 896 | WIN-5T344G8GM1H | | 9/1/2022 2:21:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetSetupSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2384 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 896 | WIN-5T344G8GM1H | | 9/1/2022 2:21:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DeviceInstall service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2383 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 896 | WIN-5T344G8GM1H | | 9/1/2022 2:21:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SystemEventsBroker service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2382 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 896 | WIN-5T344G8GM1H | | 9/1/2022 2:21:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The sppsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2381 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 896 | WIN-5T344G8GM1H | | 9/1/2022 2:21:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LSM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2380 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 896 | WIN-5T344G8GM1H | | 9/1/2022 2:21:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2379 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 896 | WIN-5T344G8GM1H | | 9/1/2022 2:21:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcEptMapper service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2378 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 888 | WIN-5T344G8GM1H | | 9/1/2022 2:21:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DcomLaunch service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2377 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 888 | WIN-5T344G8GM1H | | 9/1/2022 2:21:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Power service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2376 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 888 | WIN-5T344G8GM1H | | 9/1/2022 2:21:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PlugPlay service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2375 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 812 | 888 | WIN-5T344G8GM1H | | 9/1/2022 2:21:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Remote calls to the SAM database are being restricted using the default security descriptor: O:SYG:SYD:(A;;RC;;;BA).
For more information please see http://go.microsoft.com/fwlink/?LinkId=787651. | 16962 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2374 | Microsoft-Windows-Directory-Services-SAM | 0d4fdc09-8c27-494a-bda0-505e4fd8adae | System | 828 | 832 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:01 PM | 01f449e8-be0e-0005-ee49-f4010ebed801 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Credential Guard (LsaIso.exe) configuration: 0x0, 0 | 14 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 2373 | Microsoft-Windows-Wininit | 206f6dea-d3c5-4d10-bc72-989f03c8b84b | System | 700 | 704 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:21:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\Users\Default\NTUSER.DAT was cleared updating 126 keys and creating 18 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2372 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 568 | 572 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\UsrClass.dat was cleared updating 628 keys and creating 85 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2371 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 568 | 572 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\Users\Administrator\NTUSER.DAT was cleared updating 1935 keys and creating 116 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2370 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 568 | 572 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\windows\ServiceProfiles\NetworkService\NTUSER.DAT was cleared updating 128 keys and creating 20 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2369 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 568 | 572 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\windows\ServiceProfiles\LocalService\NTUSER.DAT was cleared updating 137 keys and creating 21 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2368 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 568 | 572 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \SystemRoot\System32\Config\SAM was cleared updating 80 keys and creating 7 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2367 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 548 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \SystemRoot\System32\Config\SECURITY was cleared updating 87 keys and creating 5 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2366 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 532 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \SystemRoot\System32\Config\DEFAULT was cleared updating 229 keys and creating 27 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2365 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 544 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hive \SystemRoot\System32\Config\SOFTWARE was reorganized with a starting size of 78917632 bytes and an ending size of 74686464 bytes. | 15 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2364 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 536 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \Device\HarddiskVolume1\Boot\BCD was cleared updating 82 keys and creating 1 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2363 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 484 | 488 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hive \SystemRoot\System32\config\DRIVERS was reorganized with a starting size of 5177344 bytes and an ending size of 5169152 bytes. | 15 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2362 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 376 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 5 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2361 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 228 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 4 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2360 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 228 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 3 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2359 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 228 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 2 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2358 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 228 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 1 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2357 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 228 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 0 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2356 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 228 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system has been constrained to a periodic tick
Reason: No HW support. | 508 | 0 | | 4 | 159 | 0 | -9223372036854774780 | 2355 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 8 | WIN-5T344G8GM1H | | 9/1/2022 2:20:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Connectivity state in standby: Disconnected, Reason: NIC compliance | 172 | 0 | | 4 | 203 | 0 | -9223372036854774780 | 2354 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 188 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'npsvctrig' (10.0, ?2016?-?07?-?16T02:28:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2353 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The service entered the Driver load complete state. | 7036 | | 16384 | 4 | 0 | | 36028797018963968 | 2352 | VfpExt | | System | | | WIN-5T344G8GM1H | | 9/1/2022 2:20:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'FileCrypt' (10.0, ?2016?-?07?-?16T02:22:39.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2351 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Volume \\?\Volume{be07386b-0000-0000-0000-100000000000} (\Device\HarddiskVolume1) is healthy. No action is needed. | 98 | 0 | | 4 | 0 | 0 | -9223372036854775806 | 2350 | Microsoft-Windows-Ntfs | 3ff37a1c-a68d-4d6e-8c9b-f79e8b16c482 | System | 4 | 188 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2349 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'Wof' (10.0, ?2017?-?10?-?09T01:58:20.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2348 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Secure Kernel started with status STATUS_SUCCESS and flags 0. | 3 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2347 | Microsoft-Windows-IsolatedUserMode | 73a33ab2-1966-4999-8add-868c41415269 | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor initialized I/O remapping.
Hardware present: false
Hardware enabled: false
Policy: 0x0
Enabled features: 0x0
Internal information: 0x0
Problems: 0x0
Additional information: 0x0 | 129 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2346 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor scheduler type is 0x1. | 2 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2345 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor successfully started. | 1 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2344 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The bootmgr spent 0 ms waiting for user input. | 32 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2343 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| There are 0x1 boot options on this system. | 18 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2342 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot menu policy was 0x0. | 25 | 0 | | 4 | 32 | 0 | -9223372036854775808 | 2341 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot type was 0x0. | 27 | 1 | | 4 | 33 | 0 | -9223372036854775808 | 2340 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The last shutdown's success status was true. The last boot's success status was true. | 20 | 0 | | 4 | 31 | 0 | -9223372036854775808 | 2339 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Virtualization Based Security (policies: VBS Enabled,VSM Required,Boot Chain Signer Soft Enforced) is enabled due to HyperV with status STATUS_SUCCESS. | 153 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2338 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system started at system time ?2022?-?09?-?01T14:20:37.499990500Z. | 12 | 0 | | 4 | 1 | 0 | -9223372036854775680 | 2337 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 9/1/2022 2:20:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system is shutting down at system time ?2018?-?01?-?19T09:48:14.082208700Z. | 13 | 0 | | 4 | 2 | 0 | -9223372036854775680 | 2336 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 2896 | WIN-5T344G8GM1H | | 1/19/2018 9:48:14 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The kernel power manager has initiated a shutdown transition.
Shutdown Reason: Kernel API | 109 | 0 | | 4 | 103 | 0 | -9223301668110597116 | 2335 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 520 | 524 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Defender Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2334 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Task Scheduler service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2333 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Event Log service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2332 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Remote Management (WS-Management) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2331 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2330 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 748 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Volume Shadow Copy service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2329 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The State Repository Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2328 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Cryptographic Services service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2327 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Font Cache Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2326 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was started. | 6005 | | 32768 | 4 | 0 | | 36028797018963968 | 2325 | EventLog | | System | | | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Microsoft (R) Windows (R) 10.00. 14393 Multiprocessor Free. | 6009 | | 32768 | 4 | 0 | | 36028797018963968 | 2324 | EventLog | | System | | | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetBIOS name and DNS host name of this machine have been changed from WIN-5T344G8GM1H to WIN-BTS7D5MTMQT. | 6011 | | 32768 | 4 | 0 | | 36028797018963968 | 2323 | EventLog | | System | | | WIN-5T344G8GM1H | | 9/1/2022 2:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft iSCSI Target Server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2322 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Program Compatibility Assistant Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2321 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic Policy Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2320 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Link Tracking Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2319 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Desktop Services service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2318 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 748 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Software Shadow Copy Provider service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2317 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 748 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Connection Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2316 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 748 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Licensing Monitoring Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2315 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 748 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Profile Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2314 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1040 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Desktop Services UserMode Port Redirector service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2313 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1100 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Management Instrumentation service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2312 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 416 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Time service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2311 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 416 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2018?-?01?-?19T09:48:13.152000000Z from ?2018?-?01?-?19T09:48:13.164762500Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2310 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1244 | 2300 | WIN-5T344G8GM1H | S-1-5-19 | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Credential Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2309 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1080 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2308 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 2116 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DHCP Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2307 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1048 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is stopped. ShutDown Flag value is 1 | 50037 | 0 | | 4 | 4 | 69 | 2305843009213693952 | 2306 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 436 | 1300 | WIN-5T344G8GM1H | S-1-5-19 | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is stopped. ShutDown Flag value is 1 | 51047 | 0 | | 4 | 4 | 63 | 2305843009213693952 | 2305 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 436 | 1360 | WIN-5T344G8GM1H | S-1-5-19 | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Plug and Play service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2304 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1040 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Volume Shadow Copy Requestor service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2303 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2302 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1104 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2301 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2300 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Virtual Machine Management service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2299 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| User Logoff Notification for Customer Experience Improvement Program | 7002 | 0 | | 4 | 1102 | 0 | 2305878193585782784 | 2298 | Microsoft-Windows-Winlogon | dbe9b383-7cf3-4331-91cc-a3cb16a3b538 | System | 584 | 916 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was stopped. | 6006 | | 32768 | 4 | 0 | | 36028797018963968 | 2297 | EventLog | | System | | | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CDPUserSvc_24762 service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2296 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1040 | WIN-5T344G8GM1H | | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Sync Host_24762 service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2295 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2294 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 820 | 972 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Certificate Propagation service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2293 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 948 | WIN-5T344G8GM1H | | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Desktop Configuration service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2292 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 948 | WIN-5T344G8GM1H | | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The process C:\windows\System32\Sysprep\Sysprep.exe (WIN-5T344G8GM1H) has initiated the shutdown of computer WIN-5T344G8GM1H on behalf of user WIN-5T344G8GM1H\Administrator for the following reason: No title for this reason could be found
Reason Code: 0x40002
Shutdown Type: shutdown
Comment: | 1074 | 0 | 32768 | 4 | 0 | 0 | -9187343239835811840 | 2291 | User32 | b0aa8734-56f7-41cc-b2f4-de228e98b946 | System | 448 | 464 | WIN-5T344G8GM1H | S-1-5-21-416071247-492812682-1642729393-500 | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Process C:\Windows\System32\Sysprep\sysprep.exe (process ID:4012) reset policy scheme from {381B4222-F694-41F0-9685-FF5BB260DF2E} to {381B4222-F694-41F0-9685-FF5BB260DF2E} | 12 | 0 | | 4 | 10 | 0 | 4611686018427387904 | 2290 | Microsoft-Windows-UserModePowerService | ce8dee0b-d539-4000-b0f8-77bed049c590 | System | 764 | 316 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2289 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 948 | WIN-5T344G8GM1H | | 1/19/2018 9:48:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2288 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected User Experiences and Telemetry service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2287 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x8'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9) | 134 | 0 | | 3 | 0 | 0 | -9223372036854775808 | 2286 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1244 | 1320 | WIN-5T344G8GM1H | S-1-5-19 | 1/19/2018 9:48:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2285 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:10 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2284 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2283 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1104 | WIN-5T344G8GM1H | | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TCP/IP NetBIOS Helper service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2282 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1104 | WIN-5T344G8GM1H | | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TCP/IP NetBIOS Helper service was successfully sent a stop control.
The reason specified was: 0x40030011 [Operating System: Network Connectivity (Planned)]
Comment: None | 7042 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2281 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 948 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport Teredo Tunneling Pseudo-Interface, {8A97E6D0-A2AF-48AE-8BC2-FFC865CC4DF6}, had event Network Interface deleted while PNP Device still exists. Note that this event is provided for informational purpose and might not be an error always (Eg: In case of vSwitch which was recently un-installed or a LBFO team was removed) | 10317 | 0 | | 2 | 2 | 0 | 2305843009213710358 | 2280 | Microsoft-Windows-NDIS | cdead503-17f5-4a3e-b7ae-df8cc2902eb9 | System | 976 | 3116 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | 8a97e6d0-a2af-48ae-8bc2-ffc865cc4df6 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | PnP | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' is halting | 6 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2279 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 1984 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport Microsoft Hyper-V Network Adapter #2, {518CDFA4-5492-4D9E-BEAA-908825A4A289}, had event Network Interface deleted while PNP Device still exists. Note that this event is provided for informational purpose and might not be an error always (Eg: In case of vSwitch which was recently un-installed or a LBFO team was removed) | 10317 | 0 | | 2 | 2 | 0 | 2305843009213710358 | 2278 | Microsoft-Windows-NDIS | cdead503-17f5-4a3e-b7ae-df8cc2902eb9 | System | 976 | 3116 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | 518cdfa4-5492-4d9e-beaa-908825a4a289 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | PnP | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x8'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9) | 134 | 0 | | 3 | 0 | 0 | -9223372036854775808 | 2277 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1244 | 1800 | WIN-5T344G8GM1H | S-1-5-19 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Isatap interface isatap.{518CDFA4-5492-4D9E-BEAA-908825A4A289} is no longer active. | 4201 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2276 | Microsoft-Windows-Iphlpsvc | 66a5c15c-4f8e-4044-bf6e-71d896038977 | System | 976 | 1376 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' paused | 10 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2275 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 976 | 3116 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2274 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft-Windows-Kernel-PnP/Configuration log file was cleared. | 104 | 0 | | 4 | 104 | 0 | -9223372036854775808 | 2273 | Microsoft-Windows-Eventlog | fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148 | System | 436 | 1136 | WIN-5T344G8GM1H | S-1-5-21-416071247-492812682-1642729393-500 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Log clear | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the VIA StorX Storage RAID Controller Windows Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2272 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the vsmraid service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2271 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft Universal Flash Storage (UFS) Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2270 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft Standard NVM Express Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2269 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the stexstor service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2268 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the SiSRaid4 service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2267 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the SiSRaid2 service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2266 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft Storage Class Memory Bus Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2265 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the SBP-2 Transport/Protocol Bus Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2264 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic [FCoE] STOR Miniport Inbox Driver (wx64) service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2263 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic iSCSI Miniport Inbox Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2262 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic Fibre Channel STOR Miniport Inbox Driver (wx64) service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2261 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the percsas3i service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2260 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:03 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the percsas2i service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2259 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:03 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the pcmcia service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2258 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:03 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the nvraid service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2257 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:03 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the nvstor service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2256 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:02 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic 10 Gigabit Ethernet Adapter VBD service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2255 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic Network Adapter VBD service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2254 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the mvumis service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2253 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft Standard SATA AHCI Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2252 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the pciide service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2251 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the megasr service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2250 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the megasas2i service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2249 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the megasas service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2248 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the isapnp service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2247 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the LSI_SSS service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2246 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the LSI_SAS3i service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2245 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the LSI_SAS2i service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2244 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the LSI_SAS service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2243 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Intel RAID Controller Windows 7 service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2242 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Intel(R) SATA RAID Controller Windows service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2241 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the HpSAMD service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2240 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the elxstor service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2239 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the elxfcoe service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2238 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2237 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the cht4iscsi service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2236 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic Offload iSCSI Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2235 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic FCoE Offload driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2234 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the bfadfcoei service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2233 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the bfadi service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2232 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Adaptec SAS/SATA-II RAID Storport's Miniport Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2231 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the amdsbs service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2230 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the amdxata service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2229 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the amdsata service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2228 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the ADP80XX service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2227 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the 3ware service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2226 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2225 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:47:40 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2224 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:47:35 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Access Logging Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2223 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:47:35 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Transaction Coordinator service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2222 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:47:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2221 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:47:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Setup log file was cleared. | 104 | 0 | | 4 | 104 | 0 | -9223372036854775808 | 2220 | Microsoft-Windows-Eventlog | fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148 | System | 436 | 1136 | WIN-5T344G8GM1H | S-1-5-21-416071247-492812682-1642729393-500 | 1/19/2018 9:47:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Log clear | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Application log file was cleared. | 104 | 0 | | 4 | 104 | 0 | -9223372036854775808 | 2219 | Microsoft-Windows-Eventlog | fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148 | System | 436 | 1136 | WIN-5T344G8GM1H | S-1-5-21-416071247-492812682-1642729393-500 | 1/19/2018 9:47:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Log clear | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The System log file was cleared. | 104 | 0 | | 4 | 104 | 0 | -9223372036854775808 | 2218 | Microsoft-Windows-Eventlog | fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148 | System | 436 | 1136 | WIN-5T344G8GM1H | S-1-5-21-416071247-492812682-1642729393-500 | 1/19/2018 9:47:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Log clear | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |