| Message | Id | Version | Qualifiers | Level | Task | Opcode | Keywords | RecordId | ProviderName | ProviderId | LogName | ProcessId | ThreadId | MachineName | UserId | TimeCreated | ActivityId | RelatedActivityId | ContainerLog | MatchedQueryIds | Bookmark | LevelDisplayName | OpcodeDisplayName | TaskDisplayName | KeywordsDisplayNames | Properties |
|---|
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 48 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2644 | 3008 | n-h2-765311-5.cbci-765311-5.local | S-1-5-18 | 12/9/2020 1:30:52 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 47 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2644 | 2488 | n-h2-765311-5.cbci-765311-5.local | S-1-5-18 | 12/9/2020 1:30:49 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 2. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 46 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2528 | 3856 | n-h2-765311-5.cbci-765311-5.local | S-1-5-18 | 12/9/2020 1:30:30 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 45 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2528 | 2880 | n-h2-765311-5 | S-1-5-18 | 12/9/2020 12:45:56 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 44 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2528 | 2880 | n-h2-765311-5 | S-1-5-18 | 12/9/2020 12:45:53 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 2. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 43 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2240 | 2608 | n-h2-765311-5 | S-1-5-18 | 12/9/2020 12:45:23 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 42 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2240 | 2564 | WIN-5T344G8GM1H | S-1-5-18 | 12/9/2020 12:44:36 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 41 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2240 | 2564 | WIN-5T344G8GM1H | S-1-5-18 | 12/9/2020 12:44:29 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 2. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 40 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2212 | 4000 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:13 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 39 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2212 | 2708 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:41:33 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 38 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2212 | 2708 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:41:31 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 2. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 37 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2228 | 2728 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:41:15 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 36 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2228 | 2728 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:27:18 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 35 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2228 | 2728 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:27:16 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 2. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 34 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2316 | 3008 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:27:00 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 33 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2316 | 2740 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:26:43 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 32 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2316 | 2716 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:26:41 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 2. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 31 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2164 | 2692 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:26:23 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 30 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2164 | 2692 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:23:03 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 29 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2164 | 2692 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:23:01 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 2. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 28 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2188 | 3104 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:22:50 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 27 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2188 | 2604 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:22:48 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 3. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 26 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2188 | 3796 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:14:50 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 25 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2188 | 2600 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:54:54 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 24 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2188 | 2604 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:54:49 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 2. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 23 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2888 | 2856 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:54:40 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 22 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2888 | 3012 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:52:38 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 21 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2888 | 3724 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:52:34 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 2. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 20 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2248 | 2560 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:52:30 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 19 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2248 | 2564 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:50:09 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 18 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2248 | 2564 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:50:03 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 2. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 17 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 1716 | 3952 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:49:46 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 16 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 1716 | 5040 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:45:57 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 3. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 15 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 1716 | 2880 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:33:58 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 14 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 1716 | 2228 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:23:57 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 13 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 1716 | 2232 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:23:56 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 2. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 12 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2032 | 2724 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 6:44:39 PM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 11 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2032 | 2368 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 6:06:30 PM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 10 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2032 | 2372 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 6:06:25 PM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 2. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 9 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2092 | 4216 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 6:06:09 PM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 8 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2092 | 2412 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:42:17 PM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 7 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2092 | 2416 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:42:11 PM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 2. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 6 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2136 | 6136 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:41:56 PM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 5 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2136 | 2300 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:02:00 PM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 4 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 2136 | 2300 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:01:59 PM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 2. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 3 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 124 | 2080 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 9:01:42 AM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 2 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 124 | 2080 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:23 PM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender state updated to 10. | 101 | 0 | | 0 | 0 | 0 | 4611686018427387904 | 1 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/WHC | 124 | 2080 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:16 PM | | | microsoft-windows-windows defender/whc | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |