MessageIdVersionQualifiersLevelTaskOpcodeKeywordsRecordIdProviderNameProviderIdLogNameProcessIdThreadIdMachineNameUserIdTimeCreatedActivityIdRelatedActivityIdContainerLogMatchedQueryIdsBookmarkLevelDisplayNameOpcodeDisplayNameTaskDisplayNameKeywordsDisplayNamesProperties
User "CBCI-792803-3\N-H2-792803-3$" updated Task Scheduler task "\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask"140041400-9223372036854775808110Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802424n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 6:40:00 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask registration updatedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
User "CBCI-792803-3\N-H2-792803-3$" updated Task Scheduler task "\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask"140041400-9223372036854775808109Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801704n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 6:10:00 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask registration updatedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{4B0AEEC7-DE38-44D4-AE31-69A4AB1B48F9}" instance of the "\Microsoft\Windows\Customer Experience Improvement Program\Consolidator" task for user "NT AUTHORITY\SYSTEM".102041022-9223372036854775807108Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802424n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 6:00:01 PM4b0aeec7-de38-44d4-ae31-69a4ab1b48f9microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\Customer Experience Improvement Program\Consolidator" , instance "{4B0AEEC7-DE38-44D4-AE31-69A4AB1B48F9}" , action "%SystemRoot%\System32\wsqmcons.exe" with return code 0.201242012-9223372036854775808107Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802424n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 6:00:01 PM4b0aeec7-de38-44d4-ae31-69a4ab1b48f9microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "%SystemRoot%\System32\wsqmcons.exe" in instance "{4B0AEEC7-DE38-44D4-AE31-69A4AB1B48F9}" of task "\Microsoft\Windows\Customer Experience Improvement Program\Consolidator".200142001-9223372036854775808106Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802424n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 6:00:01 PM4b0aeec7-de38-44d4-ae31-69a4ab1b48f9microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{4B0AEEC7-DE38-44D4-AE31-69A4AB1B48F9}" instance of the "\Microsoft\Windows\Customer Experience Improvement Program\Consolidator" task for user "NT AUTHORITY\SYSTEM".100041001-9223372036854775807105Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802424n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 6:00:01 PM4b0aeec7-de38-44d4-ae31-69a4ab1b48f9microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\Customer Experience Improvement Program\Consolidator" , instance "%SystemRoot%\System32\wsqmcons.exe" with process ID 4952.129041290-9223372036854775808104Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802424n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 6:00:01 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched "{4B0AEEC7-DE38-44D4-AE31-69A4AB1B48F9}" instance of task "\Microsoft\Windows\Customer Experience Improvement Program\Consolidator" due to a time trigger condition.107041070-9223372036854775808103Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802424n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 6:00:01 PM4b0aeec7-de38-44d4-ae31-69a4ab1b48f9microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask triggered on schedulerSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
User "CBCI-792803-3\N-H2-792803-3$" updated Task Scheduler task "\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask"140041400-9223372036854775808102Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802308n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 5:39:59 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask registration updatedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{137F8E9B-A1AA-425B-83BB-6CBF760F82B4}" instance of the "\Microsoft\Windows\Autochk\Proxy" task for user "NT AUTHORITY\SYSTEM".102041022-9223372036854775807101Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801516n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 5:19:28 PM137f8e9b-a1aa-425b-83bb-6cbf760f82b4microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\Autochk\Proxy" , instance "{137F8E9B-A1AA-425B-83BB-6CBF760F82B4}" , action "%windir%\system32\rundll32.exe" with return code 0.201242012-9223372036854775808100Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801516n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 5:19:28 PM137f8e9b-a1aa-425b-83bb-6cbf760f82b4microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "%windir%\system32\rundll32.exe" in instance "{137F8E9B-A1AA-425B-83BB-6CBF760F82B4}" of task "\Microsoft\Windows\Autochk\Proxy".200142001-922337203685477580899Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801516n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 5:19:28 PM137f8e9b-a1aa-425b-83bb-6cbf760f82b4microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{137F8E9B-A1AA-425B-83BB-6CBF760F82B4}" instance of the "\Microsoft\Windows\Autochk\Proxy" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580798Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801516n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 5:19:28 PM137f8e9b-a1aa-425b-83bb-6cbf760f82b4microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\Autochk\Proxy" , instance "%windir%\system32\rundll32.exe" with process ID 580.129041290-922337203685477580897Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801516n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 5:19:28 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched "{137F8E9B-A1AA-425B-83BB-6CBF760F82B4}" instance of task "\Microsoft\Windows\Autochk\Proxy" due to system startup.118041180-922337203685477580896Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801516n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 5:19:28 PM137f8e9b-a1aa-425b-83bb-6cbf760f82b4microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask triggered by computer startupSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
User "CBCI-792803-3\N-H2-792803-3$" updated Task Scheduler task "\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask"140041400-922337203685477580895Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802292n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 5:09:59 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask registration updatedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
User "NT AUTHORITY\SYSTEM" updated Task Scheduler task "\Microsoft\Windows\WindowsUpdate\Scheduled Start"140041400-922337203685477580894Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802292n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 5:05:46 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask registration updatedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{20B368A9-C49F-4424-949F-F34E43BDA359}" instance of the "\Microsoft\XblGameSave\XblGameSaveTask" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580793Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802872n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:49:28 PM20b368a9-c49f-4424-949f-f34e43bda359microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\XblGameSave\XblGameSaveTask" , instance "{20B368A9-C49F-4424-949F-F34E43BDA359}" , action "%windir%\System32\XblGameSaveTask.exe" with return code 0.201242012-922337203685477580892Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802872n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:49:28 PM20b368a9-c49f-4424-949f-f34e43bda359microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "%windir%\System32\XblGameSaveTask.exe" in instance "{20B368A9-C49F-4424-949F-F34E43BDA359}" of task "\Microsoft\XblGameSave\XblGameSaveTask".200142001-922337203685477580891Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802872n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:49:27 PM20b368a9-c49f-4424-949f-f34e43bda359microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{20B368A9-C49F-4424-949F-F34E43BDA359}" instance of the "\Microsoft\XblGameSave\XblGameSaveTask" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580790Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802872n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:49:27 PM20b368a9-c49f-4424-949f-f34e43bda359microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\XblGameSave\XblGameSaveTask" , instance "%windir%\System32\XblGameSaveTask.exe" with process ID 3924.129041290-922337203685477580889Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802872n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:49:27 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
User "System" disabled Task Scheduler task "\Microsoft\Windows\UpdateOrchestrator\Resume On Boot"142041420-922337203685477580888Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802696n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:45:33 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask disabledSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
User "CBCI-792803-3\N-H2-792803-3$" updated Task Scheduler task "\Microsoft\Windows\UpdateOrchestrator\Schedule Scan"140041400-922337203685477580887Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802292n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:45:29 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask registration updatedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{52CC4E06-7101-4894-96CC-39C0527A95D5}" instance of the "\Microsoft\Windows\UpdateOrchestrator\Schedule Scan" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580786Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802292n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:45:28 PM52cc4e06-7101-4894-96cc-39c0527a95d5microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\UpdateOrchestrator\Schedule Scan" , instance "{52CC4E06-7101-4894-96CC-39C0527A95D5}" , action "%systemroot%\system32\usoclient.exe" with return code 0.201242012-922337203685477580885Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802292n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:45:28 PM52cc4e06-7101-4894-96cc-39c0527a95d5microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
User "System" updated Task Scheduler task "\Microsoft\Windows\UpdateOrchestrator\Resume On Boot"140041400-922337203685477580884Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:45:28 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask registration updatedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{DB9D5848-6F0D-4851-9AC1-F6E72AADF28E}" instance of the "\Microsoft\Windows\Windows Error Reporting\QueueReporting" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580783Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802292n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:45:27 PMdb9d5848-6f0d-4851-9ac1-f6e72aadf28emicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\Windows Error Reporting\QueueReporting" , instance "{DB9D5848-6F0D-4851-9AC1-F6E72AADF28E}" , action "%windir%\system32\wermgr.exe" with return code 0.201242012-922337203685477580882Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802292n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:45:27 PMdb9d5848-6f0d-4851-9ac1-f6e72aadf28emicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "%systemroot%\system32\usoclient.exe" in instance "{52CC4E06-7101-4894-96CC-39C0527A95D5}" of task "\Microsoft\Windows\UpdateOrchestrator\Schedule Scan".200142001-922337203685477580881Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802292n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:45:27 PM52cc4e06-7101-4894-96cc-39c0527a95d5microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{52CC4E06-7101-4894-96CC-39C0527A95D5}" instance of the "\Microsoft\Windows\UpdateOrchestrator\Schedule Scan" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580780Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802292n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:45:27 PM52cc4e06-7101-4894-96cc-39c0527a95d5microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\UpdateOrchestrator\Schedule Scan" , instance "%systemroot%\system32\usoclient.exe" with process ID 4740.129041290-922337203685477580879Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802292n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:45:27 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "%windir%\system32\wermgr.exe" in instance "{DB9D5848-6F0D-4851-9AC1-F6E72AADF28E}" of task "\Microsoft\Windows\Windows Error Reporting\QueueReporting".200142001-922337203685477580878Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801516n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:45:27 PMdb9d5848-6f0d-4851-9ac1-f6e72aadf28emicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{DB9D5848-6F0D-4851-9AC1-F6E72AADF28E}" instance of the "\Microsoft\Windows\Windows Error Reporting\QueueReporting" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580777Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801516n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:45:27 PMdb9d5848-6f0d-4851-9ac1-f6e72aadf28emicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\Windows Error Reporting\QueueReporting" , instance "%windir%\system32\wermgr.exe" with process ID 4604.129041290-922337203685477580876Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801516n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:45:27 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler could not launch task "\Microsoft\Windows\Windows Error Reporting\QueueReporting" as scheduled. Instance "{DB9D5848-6F0D-4851-9AC1-F6E72AADF28E}" is started now as required by the configuration option to start the task when available, if schedule is missed.114031140-922337203685477580875Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801516n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:45:27 PMdb9d5848-6f0d-4851-9ac1-f6e72aadf28emicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkWarningInfoMissed task startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler could not launch task "\Microsoft\Windows\UpdateOrchestrator\Schedule Scan" as scheduled. Instance "{52CC4E06-7101-4894-96CC-39C0527A95D5}" is started now as required by the configuration option to start the task when available, if schedule is missed.114031140-922337203685477580874Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802292n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:45:27 PM52cc4e06-7101-4894-96cc-39c0527a95d5microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkWarningInfoMissed task startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{D031EC52-5BB1-42FA-9850-2892410279BC}" instance of the "\Microsoft\Windows\Windows Error Reporting\QueueReporting" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580773Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802308n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:42:28 PMd031ec52-5bb1-42fa-9850-2892410279bcmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\Windows Error Reporting\QueueReporting" , instance "{D031EC52-5BB1-42FA-9850-2892410279BC}" , action "%windir%\system32\wermgr.exe" with return code 0.201242012-922337203685477580872Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802308n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:42:28 PMd031ec52-5bb1-42fa-9850-2892410279bcmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "%windir%\system32\wermgr.exe" in instance "{D031EC52-5BB1-42FA-9850-2892410279BC}" of task "\Microsoft\Windows\Windows Error Reporting\QueueReporting".200142001-922337203685477580871Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802308n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:42:28 PMd031ec52-5bb1-42fa-9850-2892410279bcmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{D031EC52-5BB1-42FA-9850-2892410279BC}" instance of the "\Microsoft\Windows\Windows Error Reporting\QueueReporting" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580770Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802308n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:42:28 PMd031ec52-5bb1-42fa-9850-2892410279bcmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\Windows Error Reporting\QueueReporting" , instance "%windir%\system32\wermgr.exe" with process ID 2352.129041290-922337203685477580869Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802308n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:42:28 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched "{D031EC52-5BB1-42FA-9850-2892410279BC}" instance of task "\Microsoft\Windows\Windows Error Reporting\QueueReporting" due to system startup.118041180-922337203685477580868Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802308n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:42:28 PMd031ec52-5bb1-42fa-9850-2892410279bcmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask triggered by computer startupSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
User "CBCI-792803-3\N-H2-792803-3$" updated Task Scheduler task "\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask"140041400-922337203685477580867Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802308n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:42:02 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask registration updatedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{4C225320-71C0-4CCF-8B96-6147644FD0C7}" instance of the "\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580766Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801916n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:41:17 PM4c225320-71c0-4ccf-8b96-6147644fd0c7microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" , instance "{4C225320-71C0-4CCF-8B96-6147644FD0C7}" , action "%windir%\system32\compattelrunner.exe" with return code 0.201242012-922337203685477580865Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801916n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:41:17 PM4c225320-71c0-4ccf-8b96-6147644fd0c7microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{6CBB207A-1E60-415B-823C-0F5359299DBD}" instance of the "\Microsoft\Windows\Software Inventory Logging\Configuration" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580764Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802872n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:32 PM6cbb207a-1e60-415b-823c-0f5359299dbdmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\Software Inventory Logging\Configuration" , instance "{6CBB207A-1E60-415B-823C-0F5359299DBD}" , action "%systemroot%\system32\cmd.exe" with return code 0.201242012-922337203685477580863Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802872n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:32 PM6cbb207a-1e60-415b-823c-0f5359299dbdmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "%systemroot%\system32\cmd.exe" in instance "{6CBB207A-1E60-415B-823C-0F5359299DBD}" of task "\Microsoft\Windows\Software Inventory Logging\Configuration".200142001-922337203685477580862Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801768n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:28 PM6cbb207a-1e60-415b-823c-0f5359299dbdmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{6CBB207A-1E60-415B-823C-0F5359299DBD}" instance of the "\Microsoft\Windows\Software Inventory Logging\Configuration" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580761Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801768n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:28 PM6cbb207a-1e60-415b-823c-0f5359299dbdmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\Software Inventory Logging\Configuration" , instance "%systemroot%\system32\cmd.exe" with process ID 4180.129041290-922337203685477580860Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801768n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:28 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched "{6CBB207A-1E60-415B-823C-0F5359299DBD}" instance of task "\Microsoft\Windows\Software Inventory Logging\Configuration" due to system startup.118041180-922337203685477580859Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801768n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:28 PM6cbb207a-1e60-415b-823c-0f5359299dbdmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask triggered by computer startupSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
User "CBCI-792803-3\N-H2-792803-3$" updated Task Scheduler task "\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask"140041400-922337203685477580858Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801916n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:13 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask registration updatedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{E83A01EB-2042-41E9-ABDB-726F7518D867}" instance of the "\Microsoft\Windows\Plug and Play\Device Install Group Policy" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580757Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801916n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:06 PMe83a01eb-2042-41e9-abdb-726f7518d867microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\Plug and Play\Device Install Group Policy" , instance "{E83A01EB-2042-41E9-ABDB-726F7518D867}" , action "Device Installation Group Policy Task Handler" with return code 0.201242012-922337203685477580856Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801916n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:06 PMe83a01eb-2042-41e9-abdb-726f7518d867microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "Device Installation Group Policy Task Handler" in instance "{E83A01EB-2042-41E9-ABDB-726F7518D867}" of task "\Microsoft\Windows\Plug and Play\Device Install Group Policy".200142001-922337203685477580855Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801916n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:06 PMe83a01eb-2042-41e9-abdb-726f7518d867microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{E83A01EB-2042-41E9-ABDB-726F7518D867}" instance of the "\Microsoft\Windows\Plug and Play\Device Install Group Policy" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580754Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801916n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:06 PMe83a01eb-2042-41e9-abdb-726f7518d867microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\Plug and Play\Device Install Group Policy" , instance "taskhostw.exe" with process ID 4524.129041290-922337203685477580853Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801916n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:06 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{E69F6E83-1804-4993-99DC-0A7B2738A0A0}" instance of the "\Microsoft\Windows\TPM\Tpm-Maintenance" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580752Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:06 PMe69f6e83-1804-4993-99dc-0a7b2738a0a0microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\TPM\Tpm-Maintenance" , instance "{E69F6E83-1804-4993-99DC-0A7B2738A0A0}" , action "TPM Maintenance Task Handler" with return code 0.201242012-922337203685477580851Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:06 PMe69f6e83-1804-4993-99dc-0a7b2738a0a0microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "TPM Maintenance Task Handler" in instance "{E69F6E83-1804-4993-99DC-0A7B2738A0A0}" of task "\Microsoft\Windows\TPM\Tpm-Maintenance".200142001-922337203685477580850Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:06 PMe69f6e83-1804-4993-99dc-0a7b2738a0a0microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{E69F6E83-1804-4993-99DC-0A7B2738A0A0}" instance of the "\Microsoft\Windows\TPM\Tpm-Maintenance" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580749Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:06 PMe69f6e83-1804-4993-99dc-0a7b2738a0a0microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\TPM\Tpm-Maintenance" , instance "taskhostw.exe" with process ID 2052.129041290-922337203685477580848Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:06 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{A7CE2E9E-820E-4271-8B86-19B7EE879D47}" instance of the "\Microsoft\Windows\CertificateServicesClient\SystemTask" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580747Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802308n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:06 PMa7ce2e9e-820e-4271-8b86-19b7ee879d47microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\CertificateServicesClient\SystemTask" , instance "{A7CE2E9E-820E-4271-8B86-19B7EE879D47}" , action "Certificate Services Client Task Handler" with return code 0.201242012-922337203685477580846Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802308n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:06 PMa7ce2e9e-820e-4271-8b86-19b7ee879d47microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "Certificate Services Client Task Handler" in instance "{A7CE2E9E-820E-4271-8B86-19B7EE879D47}" of task "\Microsoft\Windows\CertificateServicesClient\SystemTask".200142001-922337203685477580845Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802308n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:06 PMa7ce2e9e-820e-4271-8b86-19b7ee879d47microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{A7CE2E9E-820E-4271-8B86-19B7EE879D47}" instance of the "\Microsoft\Windows\CertificateServicesClient\SystemTask" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580744Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802308n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:06 PMa7ce2e9e-820e-4271-8b86-19b7ee879d47microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\CertificateServicesClient\SystemTask" , instance "taskhostw.exe" with process ID 2448.129041290-922337203685477580843Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802308n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:40:06 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{E0264D1F-F137-41CF-B226-055DCB04E23E}" instance of the "\Microsoft\Windows\TPM\Tpm-Maintenance" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580742Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802308n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:57 PMe0264d1f-f137-41cf-b226-055dcb04e23emicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\TPM\Tpm-Maintenance" , instance "{E0264D1F-F137-41CF-B226-055DCB04E23E}" , action "TPM Maintenance Task Handler" with return code 0.201242012-922337203685477580841Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802308n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:57 PMe0264d1f-f137-41cf-b226-055dcb04e23emicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "TPM Maintenance Task Handler" in instance "{E0264D1F-F137-41CF-B226-055DCB04E23E}" of task "\Microsoft\Windows\TPM\Tpm-Maintenance".200142001-922337203685477580840Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802308n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:57 PMe0264d1f-f137-41cf-b226-055dcb04e23emicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{E0264D1F-F137-41CF-B226-055DCB04E23E}" instance of the "\Microsoft\Windows\TPM\Tpm-Maintenance" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580739Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802308n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:57 PMe0264d1f-f137-41cf-b226-055dcb04e23emicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\TPM\Tpm-Maintenance" , instance "taskhostw.exe" with process ID 4844.129041290-922337203685477580838Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802308n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:57 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{810117D2-34ED-465F-9DBF-5275A01D5F4E}" instance of the "\Microsoft\Windows\Plug and Play\Device Install Group Policy" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580737Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:56 PM810117d2-34ed-465f-9dbf-5275a01d5f4emicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\Plug and Play\Device Install Group Policy" , instance "{810117D2-34ED-465F-9DBF-5275A01D5F4E}" , action "Device Installation Group Policy Task Handler" with return code 0.201242012-922337203685477580836Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:56 PM810117d2-34ed-465f-9dbf-5275a01d5f4emicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "Device Installation Group Policy Task Handler" in instance "{810117D2-34ED-465F-9DBF-5275A01D5F4E}" of task "\Microsoft\Windows\Plug and Play\Device Install Group Policy".200142001-922337203685477580835Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:56 PM810117d2-34ed-465f-9dbf-5275a01d5f4emicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{810117D2-34ED-465F-9DBF-5275A01D5F4E}" instance of the "\Microsoft\Windows\Plug and Play\Device Install Group Policy" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580734Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:56 PM810117d2-34ed-465f-9dbf-5275a01d5f4emicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\Plug and Play\Device Install Group Policy" , instance "taskhostw.exe" with process ID 4816.129041290-922337203685477580833Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:56 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{4019C8A3-CEEC-40F1-AF6C-598E7CE727E5}" instance of the "\Microsoft\Windows\CertificateServicesClient\SystemTask" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580732Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801768n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:56 PM4019c8a3-ceec-40f1-af6c-598e7ce727e5microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\CertificateServicesClient\SystemTask" , instance "{4019C8A3-CEEC-40F1-AF6C-598E7CE727E5}" , action "Certificate Services Client Task Handler" with return code 0.201242012-922337203685477580831Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801768n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:56 PM4019c8a3-ceec-40f1-af6c-598e7ce727e5microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "Certificate Services Client Task Handler" in instance "{4019C8A3-CEEC-40F1-AF6C-598E7CE727E5}" of task "\Microsoft\Windows\CertificateServicesClient\SystemTask".200142001-922337203685477580830Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801768n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:56 PM4019c8a3-ceec-40f1-af6c-598e7ce727e5microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{4019C8A3-CEEC-40F1-AF6C-598E7CE727E5}" instance of the "\Microsoft\Windows\CertificateServicesClient\SystemTask" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580729Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801768n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:56 PM4019c8a3-ceec-40f1-af6c-598e7ce727e5microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\CertificateServicesClient\SystemTask" , instance "taskhostw.exe" with process ID 4760.129041290-922337203685477580828Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801768n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:56 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{4867E46F-D704-4926-AA14-E46B49CC7449}" instance of the "\Microsoft\Windows\CertificateServicesClient\SystemTask" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580727Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:38 PM4867e46f-d704-4926-aa14-e46b49cc7449microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\CertificateServicesClient\SystemTask" , instance "{4867E46F-D704-4926-AA14-E46B49CC7449}" , action "Certificate Services Client Task Handler" with return code 0.201242012-922337203685477580826Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:38 PM4867e46f-d704-4926-aa14-e46b49cc7449microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "Certificate Services Client Task Handler" in instance "{4867E46F-D704-4926-AA14-E46B49CC7449}" of task "\Microsoft\Windows\CertificateServicesClient\SystemTask".200142001-922337203685477580825Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:38 PM4867e46f-d704-4926-aa14-e46b49cc7449microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{4867E46F-D704-4926-AA14-E46B49CC7449}" instance of the "\Microsoft\Windows\CertificateServicesClient\SystemTask" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580724Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:38 PM4867e46f-d704-4926-aa14-e46b49cc7449microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\CertificateServicesClient\SystemTask" , instance "taskhostw.exe" with process ID 3880.129041290-922337203685477580823Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:38 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched "{4867E46F-D704-4926-AA14-E46B49CC7449}" instance of task "\Microsoft\Windows\CertificateServicesClient\SystemTask" due to system startup.118041180-922337203685477580822Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:38 PM4867e46f-d704-4926-aa14-e46b49cc7449microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask triggered by computer startupSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{3DBA7C8E-7BAE-46F2-9BE5-F97EC6EBEA9C}" instance of the "\Microsoft\Windows\CertificateServicesClient\SystemTask" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580721Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:37 PM3dba7c8e-7bae-46f2-9be5-f97ec6ebea9cmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\CertificateServicesClient\SystemTask" , instance "{3DBA7C8E-7BAE-46F2-9BE5-F97EC6EBEA9C}" , action "Certificate Services Client Task Handler" with return code 0.201242012-922337203685477580820Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:37 PM3dba7c8e-7bae-46f2-9be5-f97ec6ebea9cmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{C57E9624-FC80-4272-8C96-1FB2C791792D}" instance of the "\Microsoft\Windows\TPM\Tpm-Maintenance" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580719Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:37 PMc57e9624-fc80-4272-8c96-1fb2c791792dmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\TPM\Tpm-Maintenance" , instance "{C57E9624-FC80-4272-8C96-1FB2C791792D}" , action "TPM Maintenance Task Handler" with return code 0.201242012-922337203685477580818Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:37 PMc57e9624-fc80-4272-8c96-1fb2c791792dmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "TPM Maintenance Task Handler" in instance "{C57E9624-FC80-4272-8C96-1FB2C791792D}" of task "\Microsoft\Windows\TPM\Tpm-Maintenance".200142001-922337203685477580817Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14803848n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:37 PMc57e9624-fc80-4272-8c96-1fb2c791792dmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{C57E9624-FC80-4272-8C96-1FB2C791792D}" instance of the "\Microsoft\Windows\TPM\Tpm-Maintenance" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580716Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14803848n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:37 PMc57e9624-fc80-4272-8c96-1fb2c791792dmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{2C4FA20B-D3C9-4029-8663-6B3634093191}" instance of the "\Microsoft\Windows\TPM\Tpm-Maintenance" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580715Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:37 PM2c4fa20b-d3c9-4029-8663-6b3634093191microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\TPM\Tpm-Maintenance" , instance "{2C4FA20B-D3C9-4029-8663-6B3634093191}" , action "TPM Maintenance Task Handler" with return code 0.201242012-922337203685477580814Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:37 PM2c4fa20b-d3c9-4029-8663-6b3634093191microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{CD32C2F7-DDBE-46E4-917C-922AFA0480C3}" instance of the "\Microsoft\Windows\Plug and Play\Device Install Group Policy" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580713Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:37 PMcd32c2f7-ddbe-46e4-917c-922afa0480c3microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\Plug and Play\Device Install Group Policy" , instance "{CD32C2F7-DDBE-46E4-917C-922AFA0480C3}" , action "Device Installation Group Policy Task Handler" with return code 0.201242012-922337203685477580812Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:37 PMcd32c2f7-ddbe-46e4-917c-922afa0480c3microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler queued instance "{C57E9624-FC80-4272-8C96-1FB2C791792D}" of task "\Microsoft\Windows\TPM\Tpm-Maintenance" and will launch it as soon as instance "{2C4FA20B-D3C9-4029-8663-6B3634093191}" completes.324033240-922337203685477580811Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802696n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:32 PMc57e9624-fc80-4272-8c96-1fb2c791792dmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkWarningInfoLaunch request queued, instance already runningSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "Certificate Services Client Task Handler" in instance "{3DBA7C8E-7BAE-46F2-9BE5-F97EC6EBEA9C}" of task "\Microsoft\Windows\CertificateServicesClient\SystemTask".200142001-922337203685477580810Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:32 PM3dba7c8e-7bae-46f2-9be5-f97ec6ebea9cmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{3DBA7C8E-7BAE-46F2-9BE5-F97EC6EBEA9C}" instance of the "\Microsoft\Windows\CertificateServicesClient\SystemTask" task for user "NT AUTHORITY\SYSTEM".100041001-92233720368547758079Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14802884n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:32 PM3dba7c8e-7bae-46f2-9be5-f97ec6ebea9cmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "Device Installation Group Policy Task Handler" in instance "{CD32C2F7-DDBE-46E4-917C-922AFA0480C3}" of task "\Microsoft\Windows\Plug and Play\Device Install Group Policy".200142001-92233720368547758088Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801916n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:32 PMcd32c2f7-ddbe-46e4-917c-922afa0480c3microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{CD32C2F7-DDBE-46E4-917C-922AFA0480C3}" instance of the "\Microsoft\Windows\Plug and Play\Device Install Group Policy" task for user "NT AUTHORITY\SYSTEM".100041001-92233720368547758077Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801916n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:32 PMcd32c2f7-ddbe-46e4-917c-922afa0480c3microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "%windir%\system32\compattelrunner.exe" in instance "{4C225320-71C0-4CCF-8B96-6147644FD0C7}" of task "\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser".200142001-92233720368547758086Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801704n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:29 PM4c225320-71c0-4ccf-8b96-6147644fd0c7microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{4C225320-71C0-4CCF-8B96-6147644FD0C7}" instance of the "\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" task for user "NT AUTHORITY\SYSTEM".100041001-92233720368547758075Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801704n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:29 PM4c225320-71c0-4ccf-8b96-6147644fd0c7microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" , instance "%windir%\system32\compattelrunner.exe" with process ID 2180.129041290-92233720368547758084Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801704n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:29 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "TPM Maintenance Task Handler" in instance "{2C4FA20B-D3C9-4029-8663-6B3634093191}" of task "\Microsoft\Windows\TPM\Tpm-Maintenance".200142001-92233720368547758083Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801704n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:29 PM2c4fa20b-d3c9-4029-8663-6b3634093191microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{2C4FA20B-D3C9-4029-8663-6B3634093191}" instance of the "\Microsoft\Windows\TPM\Tpm-Maintenance" task for user "NT AUTHORITY\SYSTEM".100041001-92233720368547758072Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801704n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:29 PM2c4fa20b-d3c9-4029-8663-6b3634093191microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\TPM\Tpm-Maintenance" , instance "taskhostw.exe" with process ID 2564.129041290-92233720368547758081Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14801704n-h2-792803-3.cbci-792803-3.localS-1-5-1810/5/2022 4:39:29 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]