| Message | Id | Version | Qualifiers | Level | Task | Opcode | Keywords | RecordId | ProviderName | ProviderId | LogName | ProcessId | ThreadId | MachineName | UserId | TimeCreated | ActivityId | RelatedActivityId | ContainerLog | MatchedQueryIds | Bookmark | LevelDisplayName | OpcodeDisplayName | TaskDisplayName | KeywordsDisplayNames | Properties |
|---|
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 152 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 896 | 1176 | n-h2-761264-11.cbci-761264-11.local | S-1-5-20 | 11/19/2020 11:59:35 AM | f4628259-f330-4631-a5f8-4249228d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 151 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 896 | 1176 | n-h2-761264-11.cbci-761264-11.local | S-1-5-20 | 11/19/2020 11:59:35 AM | f4628259-f330-4631-a5f8-4249228d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 150 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 896 | 1176 | n-h2-761264-11.cbci-761264-11.local | S-1-5-20 | 11/19/2020 11:59:35 AM | f4628259-f330-4631-a5f8-4249228d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(31C5CE94259D4006A9E4) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 149 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 896 | 1176 | n-h2-761264-11.cbci-761264-11.local | S-1-5-20 | 11/19/2020 11:59:35 AM | f4628259-f330-4631-a5f8-4249228d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 148 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 896 | 1176 | n-h2-761264-11.cbci-761264-11.local | S-1-5-20 | 11/19/2020 11:59:35 AM | f4628259-f330-4631-a5f8-4249228d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 147 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 896 | 1176 | n-h2-761264-11.cbci-761264-11.local | S-1-5-20 | 11/19/2020 11:59:35 AM | f4628259-f330-4631-a5f8-4249228d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 146 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 896 | 1176 | n-h2-761264-11.cbci-761264-11.local | S-1-5-20 | 11/19/2020 11:59:35 AM | f4628259-f330-4631-a5f8-4249228d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 145 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 896 | 1176 | n-h2-761264-11.cbci-761264-11.local | S-1-5-20 | 11/19/2020 11:59:35 AM | f4628259-f330-4631-a5f8-4249228d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 144 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 896 | 1176 | n-h2-761264-11.cbci-761264-11.local | S-1-5-20 | 11/19/2020 11:59:35 AM | f4628259-f330-4631-a5f8-4249228d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Creating standard listener:RDP-Tcp' in CUMRDPProtocolManager::CreateListener at 3850 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 143 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 896 | 1176 | n-h2-761264-11.cbci-761264-11.local | S-1-5-20 | 11/19/2020 11:59:35 AM | f4628259-f330-4631-a5f8-4249228d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 142 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 896 | 1176 | n-h2-761264-11.cbci-761264-11.local | S-1-5-20 | 11/19/2020 11:59:35 AM | f4628259-f330-4631-a5f8-4249228d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 141 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 896 | 1176 | n-h2-761264-11.cbci-761264-11.local | S-1-5-20 | 11/19/2020 11:59:35 AM | f4628259-f330-4631-a5f8-4249228d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(RDP-Tcp) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 140 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 896 | 1176 | n-h2-761264-11.cbci-761264-11.local | S-1-5-20 | 11/19/2020 11:59:35 AM | f4628259-f330-4631-a5f8-4249228d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 139 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 3128 | 3232 | n-h2-761264-11 | S-1-5-20 | 11/19/2020 11:19:29 AM | f462b0df-cdeb-46cb-9678-88f37cbb0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 138 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 3128 | 3232 | n-h2-761264-11 | S-1-5-20 | 11/19/2020 11:19:29 AM | f462b0df-cdeb-46cb-9678-88f37cbb0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 137 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 3128 | 3232 | n-h2-761264-11 | S-1-5-20 | 11/19/2020 11:19:29 AM | f462b0df-cdeb-46cb-9678-88f37cbb0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(31C5CE94259D4006A9E4) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 136 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 3128 | 3232 | n-h2-761264-11 | S-1-5-20 | 11/19/2020 11:19:29 AM | f462b0df-cdeb-46cb-9678-88f37cbb0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 135 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 3128 | 3232 | n-h2-761264-11 | S-1-5-20 | 11/19/2020 11:19:29 AM | f462b0df-cdeb-46cb-9678-88f37cbb0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 134 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 3128 | 3232 | n-h2-761264-11 | S-1-5-20 | 11/19/2020 11:19:29 AM | f462b0df-cdeb-46cb-9678-88f37cbb0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 133 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 3128 | 3232 | n-h2-761264-11 | S-1-5-20 | 11/19/2020 11:19:29 AM | f462b0df-cdeb-46cb-9678-88f37cbb0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 132 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 3128 | 3232 | n-h2-761264-11 | S-1-5-20 | 11/19/2020 11:19:29 AM | f462b0df-cdeb-46cb-9678-88f37cbb0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 131 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 3128 | 3232 | n-h2-761264-11 | S-1-5-20 | 11/19/2020 11:19:29 AM | f462b0df-cdeb-46cb-9678-88f37cbb0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Creating standard listener:RDP-Tcp' in CUMRDPProtocolManager::CreateListener at 3850 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 130 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 3128 | 3232 | n-h2-761264-11 | S-1-5-20 | 11/19/2020 11:19:29 AM | f462b0df-cdeb-46cb-9678-88f37cbb0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 129 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 3128 | 3232 | n-h2-761264-11 | S-1-5-20 | 11/19/2020 11:19:29 AM | f462b0df-cdeb-46cb-9678-88f37cbb0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 128 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 3128 | 3232 | n-h2-761264-11 | S-1-5-20 | 11/19/2020 11:19:29 AM | f462b0df-cdeb-46cb-9678-88f37cbb0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(RDP-Tcp) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 127 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 3128 | 3232 | n-h2-761264-11 | S-1-5-20 | 11/19/2020 11:19:29 AM | f462b0df-cdeb-46cb-9678-88f37cbb0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 126 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 984 | 420 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:41:29 AM | f462a289-5ea2-4e24-8d1c-4f9d50380000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 125 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 984 | 420 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:41:29 AM | f462a289-5ea2-4e24-8d1c-4f9d50380000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 124 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 984 | 420 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:41:29 AM | f462a289-5ea2-4e24-8d1c-4f9d50380000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(31C5CE94259D4006A9E4) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 123 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 984 | 420 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:41:29 AM | f462a289-5ea2-4e24-8d1c-4f9d50380000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 122 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 984 | 420 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:41:29 AM | f462a289-5ea2-4e24-8d1c-4f9d50380000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 121 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 984 | 420 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:41:29 AM | f462a289-5ea2-4e24-8d1c-4f9d50380000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 120 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 984 | 420 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:41:29 AM | f462a289-5ea2-4e24-8d1c-4f9d50380000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 119 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 984 | 420 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:41:29 AM | f462a289-5ea2-4e24-8d1c-4f9d50380000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 118 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 984 | 420 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:41:29 AM | f462a289-5ea2-4e24-8d1c-4f9d50380000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Creating standard listener:RDP-Tcp' in CUMRDPProtocolManager::CreateListener at 3850 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 117 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 984 | 420 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:41:29 AM | f462a289-5ea2-4e24-8d1c-4f9d50380000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 116 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 984 | 420 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:41:29 AM | f462a289-5ea2-4e24-8d1c-4f9d50380000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 115 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 984 | 420 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:41:29 AM | f462a289-5ea2-4e24-8d1c-4f9d50380000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(RDP-Tcp) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 114 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 984 | 420 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:41:29 AM | f462a289-5ea2-4e24-8d1c-4f9d50380000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 113 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 968 | 800 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:27:15 AM | f462577a-4b56-4363-8375-9b7bca5a0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 112 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 968 | 800 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:27:15 AM | f462577a-4b56-4363-8375-9b7bca5a0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 111 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 968 | 800 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:27:15 AM | f462577a-4b56-4363-8375-9b7bca5a0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(31C5CE94259D4006A9E4) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 110 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 968 | 800 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:27:15 AM | f462577a-4b56-4363-8375-9b7bca5a0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 109 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 968 | 800 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:27:15 AM | f462577a-4b56-4363-8375-9b7bca5a0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 108 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 968 | 800 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:27:15 AM | f462577a-4b56-4363-8375-9b7bca5a0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 107 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 968 | 800 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:27:15 AM | f462577a-4b56-4363-8375-9b7bca5a0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 106 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 968 | 800 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:27:15 AM | f462577a-4b56-4363-8375-9b7bca5a0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 105 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 968 | 800 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:27:15 AM | f462577a-4b56-4363-8375-9b7bca5a0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Creating standard listener:RDP-Tcp' in CUMRDPProtocolManager::CreateListener at 3850 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 104 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 968 | 800 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:27:15 AM | f462577a-4b56-4363-8375-9b7bca5a0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 103 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 968 | 800 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:27:15 AM | f462577a-4b56-4363-8375-9b7bca5a0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 102 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 968 | 800 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:27:15 AM | f462577a-4b56-4363-8375-9b7bca5a0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(RDP-Tcp) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 101 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 968 | 800 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:27:15 AM | f462577a-4b56-4363-8375-9b7bca5a0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 100 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 952 | 396 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:26:40 AM | f462bcc9-4a9a-4242-9ba3-88859f990000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 99 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 952 | 396 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:26:40 AM | f462bcc9-4a9a-4242-9ba3-88859f990000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 98 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 952 | 396 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:26:40 AM | f462bcc9-4a9a-4242-9ba3-88859f990000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(31C5CE94259D4006A9E4) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 97 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 952 | 396 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:26:40 AM | f462bcc9-4a9a-4242-9ba3-88859f990000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 96 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 952 | 396 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:26:40 AM | f462bcc9-4a9a-4242-9ba3-88859f990000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 95 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 952 | 396 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:26:40 AM | f462bcc9-4a9a-4242-9ba3-88859f990000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 94 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 952 | 396 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:26:40 AM | f462bcc9-4a9a-4242-9ba3-88859f990000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 93 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 952 | 396 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:26:40 AM | f462bcc9-4a9a-4242-9ba3-88859f990000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 92 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 952 | 396 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:26:40 AM | f462bcc9-4a9a-4242-9ba3-88859f990000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Creating standard listener:RDP-Tcp' in CUMRDPProtocolManager::CreateListener at 3850 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 91 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 952 | 396 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:26:40 AM | f462bcc9-4a9a-4242-9ba3-88859f990000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 90 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 952 | 396 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:26:40 AM | f462bcc9-4a9a-4242-9ba3-88859f990000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 89 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 952 | 396 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:26:40 AM | f462bcc9-4a9a-4242-9ba3-88859f990000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(RDP-Tcp) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 88 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 952 | 396 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:26:40 AM | f462bcc9-4a9a-4242-9ba3-88859f990000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 87 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 964 | 532 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:23:00 AM | f4626442-17da-4103-8310-2fd3aafa0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 86 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 964 | 532 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:23:00 AM | f4626442-17da-4103-8310-2fd3aafa0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 85 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 964 | 532 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:23:00 AM | f4626442-17da-4103-8310-2fd3aafa0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(31C5CE94259D4006A9E4) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 84 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 964 | 532 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:23:00 AM | f4626442-17da-4103-8310-2fd3aafa0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 83 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 964 | 532 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:23:00 AM | f4626442-17da-4103-8310-2fd3aafa0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 82 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 964 | 532 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:23:00 AM | f4626442-17da-4103-8310-2fd3aafa0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 81 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 964 | 532 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:23:00 AM | f4626442-17da-4103-8310-2fd3aafa0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 80 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 964 | 532 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:23:00 AM | f4626442-17da-4103-8310-2fd3aafa0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 79 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 964 | 532 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:23:00 AM | f4626442-17da-4103-8310-2fd3aafa0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Creating standard listener:RDP-Tcp' in CUMRDPProtocolManager::CreateListener at 3850 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 78 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 964 | 532 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:23:00 AM | f4626442-17da-4103-8310-2fd3aafa0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 77 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 964 | 532 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:23:00 AM | f4626442-17da-4103-8310-2fd3aafa0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 76 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 964 | 532 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:23:00 AM | f4626442-17da-4103-8310-2fd3aafa0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(RDP-Tcp) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 75 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 964 | 532 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 9:23:00 AM | f4626442-17da-4103-8310-2fd3aafa0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 74 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 92 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:54:48 AM | f4628412-5c34-4b9c-a1b5-f3dc75f10000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 73 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 92 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:54:48 AM | f4628412-5c34-4b9c-a1b5-f3dc75f10000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 72 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 92 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:54:48 AM | f4628412-5c34-4b9c-a1b5-f3dc75f10000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(31C5CE94259D4006A9E4) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 71 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 92 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:54:48 AM | f4628412-5c34-4b9c-a1b5-f3dc75f10000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 70 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 92 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:54:48 AM | f4628412-5c34-4b9c-a1b5-f3dc75f10000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 69 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 92 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:54:48 AM | f4628412-5c34-4b9c-a1b5-f3dc75f10000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 68 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 92 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:54:48 AM | f4628412-5c34-4b9c-a1b5-f3dc75f10000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 67 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 92 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:54:48 AM | f4628412-5c34-4b9c-a1b5-f3dc75f10000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 66 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 92 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:54:48 AM | f4628412-5c34-4b9c-a1b5-f3dc75f10000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Creating standard listener:RDP-Tcp' in CUMRDPProtocolManager::CreateListener at 3850 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 65 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 92 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:54:48 AM | f4628412-5c34-4b9c-a1b5-f3dc75f10000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 64 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 92 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:54:48 AM | f4628412-5c34-4b9c-a1b5-f3dc75f10000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 63 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 92 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:54:48 AM | f4628412-5c34-4b9c-a1b5-f3dc75f10000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(RDP-Tcp) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 62 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 92 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:54:48 AM | f4628412-5c34-4b9c-a1b5-f3dc75f10000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 61 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1012 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:50:02 AM | f462d7e1-d113-46f5-a693-6bd857000000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 60 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1012 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:50:02 AM | f462d7e1-d113-46f5-a693-6bd857000000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 59 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1012 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:50:02 AM | f462d7e1-d113-46f5-a693-6bd857000000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(31C5CE94259D4006A9E4) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 58 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1012 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:50:02 AM | f462d7e1-d113-46f5-a693-6bd857000000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 57 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1012 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:50:02 AM | f462d7e1-d113-46f5-a693-6bd857000000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 56 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1012 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:50:02 AM | f462d7e1-d113-46f5-a693-6bd857000000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 55 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1012 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:50:02 AM | f462d7e1-d113-46f5-a693-6bd857000000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 54 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1012 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:50:02 AM | f462d7e1-d113-46f5-a693-6bd857000000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 53 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1012 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:50:02 AM | f462d7e1-d113-46f5-a693-6bd857000000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Creating standard listener:RDP-Tcp' in CUMRDPProtocolManager::CreateListener at 3850 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 52 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1012 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:50:02 AM | f462d7e1-d113-46f5-a693-6bd857000000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 51 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1012 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:50:02 AM | f462d7e1-d113-46f5-a693-6bd857000000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 50 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1012 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:50:02 AM | f462d7e1-d113-46f5-a693-6bd857000000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(RDP-Tcp) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 49 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1012 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:50:02 AM | f462d7e1-d113-46f5-a693-6bd857000000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 48 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 972 | 340 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:23:55 AM | f4624cae-69bd-4d38-876f-5a416b4d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 47 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 972 | 340 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:23:55 AM | f4624cae-69bd-4d38-876f-5a416b4d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 46 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 972 | 340 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:23:55 AM | f4624cae-69bd-4d38-876f-5a416b4d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(31C5CE94259D4006A9E4) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 45 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 972 | 340 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:23:55 AM | f4624cae-69bd-4d38-876f-5a416b4d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 44 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 972 | 340 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:23:55 AM | f4624cae-69bd-4d38-876f-5a416b4d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 43 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 972 | 340 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:23:55 AM | f4624cae-69bd-4d38-876f-5a416b4d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 42 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 972 | 340 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:23:55 AM | f4624cae-69bd-4d38-876f-5a416b4d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 41 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 972 | 340 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:23:55 AM | f4624cae-69bd-4d38-876f-5a416b4d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 40 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 972 | 340 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:23:55 AM | f4624cae-69bd-4d38-876f-5a416b4d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Creating standard listener:RDP-Tcp' in CUMRDPProtocolManager::CreateListener at 3850 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 39 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 972 | 340 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:23:55 AM | f4624cae-69bd-4d38-876f-5a416b4d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 38 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 972 | 340 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:23:55 AM | f4624cae-69bd-4d38-876f-5a416b4d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 37 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 972 | 340 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:23:55 AM | f4624cae-69bd-4d38-876f-5a416b4d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(RDP-Tcp) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 36 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 972 | 340 | WIN-5T344G8GM1H | S-1-5-20 | 1/19/2018 8:23:55 AM | f4624cae-69bd-4d38-876f-5a416b4d0000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 35 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1020 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 6:06:24 PM | f4621545-cfc5-42fe-bf6f-6d3e31c20000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 34 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1020 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 6:06:24 PM | f4621545-cfc5-42fe-bf6f-6d3e31c20000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 33 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1020 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 6:06:24 PM | f4621545-cfc5-42fe-bf6f-6d3e31c20000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(31C5CE94259D4006A9E4) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 32 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1020 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 6:06:24 PM | f4621545-cfc5-42fe-bf6f-6d3e31c20000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 31 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1020 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 6:06:24 PM | f4621545-cfc5-42fe-bf6f-6d3e31c20000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 30 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1020 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 6:06:24 PM | f4621545-cfc5-42fe-bf6f-6d3e31c20000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 29 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1020 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 6:06:24 PM | f4621545-cfc5-42fe-bf6f-6d3e31c20000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 28 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1020 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 6:06:24 PM | f4621545-cfc5-42fe-bf6f-6d3e31c20000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 27 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1020 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 6:06:24 PM | f4621545-cfc5-42fe-bf6f-6d3e31c20000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Creating standard listener:RDP-Tcp' in CUMRDPProtocolManager::CreateListener at 3850 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 26 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1020 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 6:06:24 PM | f4621545-cfc5-42fe-bf6f-6d3e31c20000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 25 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1020 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 6:06:24 PM | f4621545-cfc5-42fe-bf6f-6d3e31c20000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 24 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1020 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 6:06:24 PM | f4621545-cfc5-42fe-bf6f-6d3e31c20000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(RDP-Tcp) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 23 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 940 | 1020 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 6:06:24 PM | f4621545-cfc5-42fe-bf6f-6d3e31c20000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 22 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 956 | 88 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:42:11 PM | f462c821-a45c-45f2-8bbb-cfbb56220000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 21 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 956 | 88 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:42:11 PM | f462c821-a45c-45f2-8bbb-cfbb56220000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 20 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 956 | 88 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:42:11 PM | f462c821-a45c-45f2-8bbb-cfbb56220000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(31C5CE94259D4006A9E4) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 19 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 956 | 88 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:42:11 PM | f462c821-a45c-45f2-8bbb-cfbb56220000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 18 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 956 | 88 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:42:11 PM | f462c821-a45c-45f2-8bbb-cfbb56220000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 17 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 956 | 88 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:42:11 PM | f462c821-a45c-45f2-8bbb-cfbb56220000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 16 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 956 | 88 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:42:11 PM | f462c821-a45c-45f2-8bbb-cfbb56220000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 15 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 956 | 88 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:42:11 PM | f462c821-a45c-45f2-8bbb-cfbb56220000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 14 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 956 | 88 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:42:11 PM | f462c821-a45c-45f2-8bbb-cfbb56220000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Creating standard listener:RDP-Tcp' in CUMRDPProtocolManager::CreateListener at 3850 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 13 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 956 | 88 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:42:11 PM | f462c821-a45c-45f2-8bbb-cfbb56220000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 12 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 956 | 88 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:42:11 PM | f462c821-a45c-45f2-8bbb-cfbb56220000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 11 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 956 | 88 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:42:11 PM | f462c821-a45c-45f2-8bbb-cfbb56220000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(RDP-Tcp) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 10 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 956 | 88 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:42:11 PM | f462c821-a45c-45f2-8bbb-cfbb56220000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 9 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 2980 | 3032 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:02:04 PM | f462ae1e-ecf4-4ef1-9123-eb41fc650000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using UDP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 2980 | 3032 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:02:04 PM | f462ae1e-ecf4-4ef1-9123-eb41fc650000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 7 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 2980 | 3032 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:02:04 PM | f462ae1e-ecf4-4ef1-9123-eb41fc650000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The server is using TCP to bind to port 15629. | 129 | 0 | | 4 | 4 | 18 | 4611686018427387904 | 6 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 2980 | 3032 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:02:04 PM | f462ae1e-ecf4-4ef1-9123-eb41fc650000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | NetworkBinding | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Windows 8 or later detected, setting transport default mode to UDP + TCP' in CUMRDPListenerBase::Initialize at 422 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 5 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 2980 | 3032 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:02:04 PM | f462ae1e-ecf4-4ef1-9123-eb41fc650000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Creating standard listener:RDP-Tcp' in CUMRDPProtocolManager::CreateListener at 3850 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 4 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 2980 | 3032 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:02:04 PM | f462ae1e-ecf4-4ef1-9123-eb41fc650000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Type not found. Default to TCP only used.' in CUMRDPProtocolManager::CreateListener at 3762 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 3 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 2980 | 3032 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:02:04 PM | f462ae1e-ecf4-4ef1-9123-eb41fc650000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'Reverse Connection Listener Name not found. Default Listener Name will be used.' in CUMRDPProtocolManager::CreateListener at 3749 err=[0x2] | 227 | 0 | | 2 | 4 | 19 | 4611686018427387904 | 2 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 2980 | 3032 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:02:04 PM | f462ae1e-ecf4-4ef1-9123-eb41fc650000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| 'CUMRDPProtocolManager::CreateListener(RDP-Tcp) DEBUG/VM/ReverseTCP/ReverseUDP/INET' in CUMRDPProtocolManager::CreateListener at 3732 err=[0x0] | 229 | 0 | | 4 | 4 | 19 | 4611686018427387904 | 1 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS | 1139c61b-b549-4251-8ed3-27250a1edec8 | Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational | 2980 | 3032 | WIN-5T344G8GM1H | S-1-5-20 | 1/16/2018 5:02:04 PM | f462ae1e-ecf4-4ef1-9123-eb41fc650000 | | microsoft-windows-remotedesktopservices-rdpcorets/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Runtime | RemoteFX module | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |