| Message | Id | Version | Qualifiers | Level | Task | Opcode | Keywords | RecordId | ProviderName | ProviderId | LogName | ProcessId | ThreadId | MachineName | UserId | TimeCreated | ActivityId | RelatedActivityId | ContainerLog | MatchedQueryIds | Bookmark | LevelDisplayName | OpcodeDisplayName | TaskDisplayName | KeywordsDisplayNames | Properties |
|---|
| Code Integrity will disable WHQL driver enforcement for this boot session. Settings 0x0. | 3085 | 0 | | 4 | 20 | 127 | -9223372036854775808 | 16 | Microsoft-Windows-CodeIntegrity | 4ee76bd8-3cf4-44a0-a0ac-3937643e37a3 | Microsoft-Windows-CodeIntegrity/Operational | 4 | 8 | n-h2-771362-3 | S-1-5-18 | 1/25/2021 7:33:42 AM | | | microsoft-windows-codeintegrity/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Code Integrity will disable WHQL driver enforcement for this boot session. Settings 0x0. | 3085 | 0 | | 4 | 20 | 127 | -9223372036854775808 | 15 | Microsoft-Windows-CodeIntegrity | 4ee76bd8-3cf4-44a0-a0ac-3937643e37a3 | Microsoft-Windows-CodeIntegrity/Operational | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 1/25/2021 7:32:04 AM | | | microsoft-windows-codeintegrity/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Code Integrity will disable WHQL driver enforcement for this boot session. Settings 0x0. | 3085 | 0 | | 4 | 20 | 127 | -9223372036854775808 | 14 | Microsoft-Windows-CodeIntegrity | 4ee76bd8-3cf4-44a0-a0ac-3937643e37a3 | Microsoft-Windows-CodeIntegrity/Operational | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:41:28 AM | | | microsoft-windows-codeintegrity/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Code Integrity will disable WHQL driver enforcement for this boot session. Settings 0x0. | 3085 | 0 | | 4 | 20 | 127 | -9223372036854775808 | 13 | Microsoft-Windows-CodeIntegrity | 4ee76bd8-3cf4-44a0-a0ac-3937643e37a3 | Microsoft-Windows-CodeIntegrity/Operational | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:27:13 AM | | | microsoft-windows-codeintegrity/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Code Integrity will disable WHQL driver enforcement for this boot session. Settings 0x0. | 3085 | 0 | | 4 | 20 | 127 | -9223372036854775808 | 12 | Microsoft-Windows-CodeIntegrity | 4ee76bd8-3cf4-44a0-a0ac-3937643e37a3 | Microsoft-Windows-CodeIntegrity/Operational | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:26:31 AM | | | microsoft-windows-codeintegrity/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Code Integrity will disable WHQL driver enforcement for this boot session. Settings 0x0. | 3085 | 0 | | 4 | 20 | 127 | -9223372036854775808 | 11 | Microsoft-Windows-CodeIntegrity | 4ee76bd8-3cf4-44a0-a0ac-3937643e37a3 | Microsoft-Windows-CodeIntegrity/Operational | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:22:58 AM | | | microsoft-windows-codeintegrity/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Code Integrity will disable WHQL driver enforcement for this boot session. Settings 0x0. | 3085 | 0 | | 4 | 20 | 127 | -9223372036854775808 | 10 | Microsoft-Windows-CodeIntegrity | 4ee76bd8-3cf4-44a0-a0ac-3937643e37a3 | Microsoft-Windows-CodeIntegrity/Operational | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:54:47 AM | | | microsoft-windows-codeintegrity/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. | 3004 | 0 | | 2 | 1 | 104 | -9223372036854775808 | 9 | Microsoft-Windows-CodeIntegrity | 4ee76bd8-3cf4-44a0-a0ac-3937643e37a3 | Microsoft-Windows-CodeIntegrity/Operational | 2276 | 652 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:52:32 AM | | | microsoft-windows-codeintegrity/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. | 3004 | 0 | | 2 | 1 | 104 | -9223372036854775808 | 8 | Microsoft-Windows-CodeIntegrity | 4ee76bd8-3cf4-44a0-a0ac-3937643e37a3 | Microsoft-Windows-CodeIntegrity/Operational | 2276 | 652 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:52:32 AM | | | microsoft-windows-codeintegrity/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Code Integrity will disable WHQL driver enforcement for this boot session. Settings 0x0. | 3085 | 0 | | 4 | 20 | 127 | -9223372036854775808 | 7 | Microsoft-Windows-CodeIntegrity | 4ee76bd8-3cf4-44a0-a0ac-3937643e37a3 | Microsoft-Windows-CodeIntegrity/Operational | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:49:59 AM | | | microsoft-windows-codeintegrity/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows was unable to update the boot catalog cache file. Status 0xC0000034. | 3024 | 0 | | 3 | 11 | 109 | -9223372036854775808 | 6 | Microsoft-Windows-CodeIntegrity | 4ee76bd8-3cf4-44a0-a0ac-3937643e37a3 | Microsoft-Windows-CodeIntegrity/Operational | 4 | 328 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:34:53 AM | | | microsoft-windows-codeintegrity/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Code Integrity will disable WHQL driver enforcement for this boot session. Settings 0x0. | 3085 | 0 | | 4 | 20 | 127 | -9223372036854775808 | 5 | Microsoft-Windows-CodeIntegrity | 4ee76bd8-3cf4-44a0-a0ac-3937643e37a3 | Microsoft-Windows-CodeIntegrity/Operational | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 10:23:53 AM | | | microsoft-windows-codeintegrity/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Code Integrity will disable WHQL driver enforcement for this boot session. Settings 0x0. | 3085 | 0 | | 4 | 20 | 127 | -9223372036854775808 | 4 | Microsoft-Windows-CodeIntegrity | 4ee76bd8-3cf4-44a0-a0ac-3937643e37a3 | Microsoft-Windows-CodeIntegrity/Operational | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 6:06:21 PM | | | microsoft-windows-codeintegrity/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Code Integrity will disable WHQL driver enforcement for this boot session. Settings 0x0. | 3085 | 0 | | 4 | 20 | 127 | -9223372036854775808 | 3 | Microsoft-Windows-CodeIntegrity | 4ee76bd8-3cf4-44a0-a0ac-3937643e37a3 | Microsoft-Windows-CodeIntegrity/Operational | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:42:07 PM | | | microsoft-windows-codeintegrity/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Code Integrity will disable WHQL driver enforcement for this boot session. Settings 0x0. | 3085 | 0 | | 4 | 20 | 127 | -9223372036854775808 | 2 | Microsoft-Windows-CodeIntegrity | 4ee76bd8-3cf4-44a0-a0ac-3937643e37a3 | Microsoft-Windows-CodeIntegrity/Operational | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 9:01:49 AM | | | microsoft-windows-codeintegrity/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Code Integrity will disable WHQL driver enforcement for this boot session. Settings 0x0. | 3085 | 0 | | 4 | 20 | 127 | -9223372036854775808 | 1 | Microsoft-Windows-CodeIntegrity | 4ee76bd8-3cf4-44a0-a0ac-3937643e37a3 | Microsoft-Windows-CodeIntegrity/Operational | 4 | 8 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/17/2018 3:00:49 AM | | | microsoft-windows-codeintegrity/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |