Message | Id | Version | Qualifiers | Level | Task | Opcode | Keywords | RecordId | ProviderName | ProviderId | LogName | ProcessId | ThreadId | MachineName | UserId | TimeCreated | ActivityId | RelatedActivityId | ContainerLog | MatchedQueryIds | Bookmark | LevelDisplayName | OpcodeDisplayName | TaskDisplayName | KeywordsDisplayNames | Properties |
1 shim(s) were applied to driver [storahci.sys].
Shim(s) source: applied through registry.
Shim GUID(s): {434abafd-08fa-4c3d-a88d-d09a88e2ab17}. | 3 | 1 | | 4 | 0 | 0 | 4611686018427387904 | 4 | Microsoft-Windows-Kernel-ShimEngine | 0bf2fb94-7b60-4b4d-9766-e82f658df540 | Microsoft-Windows-Kernel-ShimEngine/Operational | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 1/26/2021 8:07:27 AM | | | microsoft-windows-kernel-shimengine/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
1 shim(s) were applied to driver [storahci.sys].
Shim(s) source: applied through registry.
Shim GUID(s): {434abafd-08fa-4c3d-a88d-d09a88e2ab17}. | 3 | 1 | | 4 | 0 | 0 | 4611686018427387904 | 3 | Microsoft-Windows-Kernel-ShimEngine | 0bf2fb94-7b60-4b4d-9766-e82f658df540 | Microsoft-Windows-Kernel-ShimEngine/Operational | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 10:23:52 AM | | | microsoft-windows-kernel-shimengine/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
1 shim(s) were applied to driver [storahci.sys].
Shim(s) source: applied through registry.
Shim GUID(s): {434abafd-08fa-4c3d-a88d-d09a88e2ab17}. | 3 | 1 | | 4 | 0 | 0 | 4611686018427387904 | 2 | Microsoft-Windows-Kernel-ShimEngine | 0bf2fb94-7b60-4b4d-9766-e82f658df540 | Microsoft-Windows-Kernel-ShimEngine/Operational | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:42:06 PM | | | microsoft-windows-kernel-shimengine/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
1 shim(s) were applied to driver [storahci.sys].
Shim(s) source: applied through registry.
Shim GUID(s): {434abafd-08fa-4c3d-a88d-d09a88e2ab17}. | 3 | 1 | | 4 | 0 | 0 | 4611686018427387904 | 1 | Microsoft-Windows-Kernel-ShimEngine | 0bf2fb94-7b60-4b4d-9766-e82f658df540 | Microsoft-Windows-Kernel-ShimEngine/Operational | 4 | 8 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/17/2018 3:00:49 AM | | | microsoft-windows-kernel-shimengine/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |