MessageIdVersionQualifiersLevelTaskOpcodeKeywordsRecordIdProviderNameProviderIdLogNameProcessIdThreadIdMachineNameUserIdTimeCreatedActivityIdRelatedActivityIdContainerLogMatchedQueryIdsBookmarkLevelDisplayNameOpcodeDisplayNameTaskDisplayNameKeywordsDisplayNamesProperties
User "CBCI-794796-1\N-H1-794796-1$" updated Task Scheduler task "\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask"140041400-9223372036854775808136Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14444996n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:51:00 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask registration updatedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
User "NT AUTHORITY\SYSTEM" updated Task Scheduler task "\Microsoft\Windows\WindowsUpdate\Scheduled Start"140041400-9223372036854775808135Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14444996n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:44:22 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask registration updatedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{192B49C5-A69C-4E1A-AB3C-B4478535144E}" instance of the "\Microsoft\Windows\TPM\Tpm-Maintenance" task for user "NT AUTHORITY\SYSTEM".102041022-9223372036854775807134Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442052n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:34:21 PM192b49c5-a69c-4e1a-ab3c-b4478535144emicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\TPM\Tpm-Maintenance" , instance "{192B49C5-A69C-4E1A-AB3C-B4478535144E}" , action "TPM Maintenance Task Handler" with return code 0.201242012-9223372036854775808133Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442052n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:34:21 PM192b49c5-a69c-4e1a-ab3c-b4478535144emicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "TPM Maintenance Task Handler" in instance "{192B49C5-A69C-4E1A-AB3C-B4478535144E}" of task "\Microsoft\Windows\TPM\Tpm-Maintenance".200142001-9223372036854775808132Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442052n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:34:21 PM192b49c5-a69c-4e1a-ab3c-b4478535144emicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{192B49C5-A69C-4E1A-AB3C-B4478535144E}" instance of the "\Microsoft\Windows\TPM\Tpm-Maintenance" task for user "NT AUTHORITY\SYSTEM".100041001-9223372036854775807131Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442052n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:34:21 PM192b49c5-a69c-4e1a-ab3c-b4478535144emicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\TPM\Tpm-Maintenance" , instance "taskhostw.exe" with process ID 3752.129041290-9223372036854775808130Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442052n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:34:21 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{1EACB7C7-905E-46BF-993C-B138687CC7F4}" instance of the "\Microsoft\Windows\CertificateServicesClient\SystemTask" task for user "NT AUTHORITY\SYSTEM".102041022-9223372036854775807129Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:34:21 PM1eacb7c7-905e-46bf-993c-b138687cc7f4microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\CertificateServicesClient\SystemTask" , instance "{1EACB7C7-905E-46BF-993C-B138687CC7F4}" , action "Certificate Services Client Task Handler" with return code 0.201242012-9223372036854775808128Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:34:21 PM1eacb7c7-905e-46bf-993c-b138687cc7f4microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{92A0093A-3118-48DD-8FCD-2D448BD2B026}" instance of the "\Microsoft\Windows\Plug and Play\Device Install Group Policy" task for user "NT AUTHORITY\SYSTEM".102041022-9223372036854775807127Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:34:21 PM92a0093a-3118-48dd-8fcd-2d448bd2b026microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\Plug and Play\Device Install Group Policy" , instance "{92A0093A-3118-48DD-8FCD-2D448BD2B026}" , action "Device Installation Group Policy Task Handler" with return code 0.201242012-9223372036854775808126Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:34:21 PM92a0093a-3118-48dd-8fcd-2d448bd2b026microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "Device Installation Group Policy Task Handler" in instance "{92A0093A-3118-48DD-8FCD-2D448BD2B026}" of task "\Microsoft\Windows\Plug and Play\Device Install Group Policy".200142001-9223372036854775808125Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:34:21 PM92a0093a-3118-48dd-8fcd-2d448bd2b026microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{92A0093A-3118-48DD-8FCD-2D448BD2B026}" instance of the "\Microsoft\Windows\Plug and Play\Device Install Group Policy" task for user "NT AUTHORITY\SYSTEM".100041001-9223372036854775807124Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:34:21 PM92a0093a-3118-48dd-8fcd-2d448bd2b026microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "Certificate Services Client Task Handler" in instance "{1EACB7C7-905E-46BF-993C-B138687CC7F4}" of task "\Microsoft\Windows\CertificateServicesClient\SystemTask".200142001-9223372036854775808123Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:34:21 PM1eacb7c7-905e-46bf-993c-b138687cc7f4microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{1EACB7C7-905E-46BF-993C-B138687CC7F4}" instance of the "\Microsoft\Windows\CertificateServicesClient\SystemTask" task for user "NT AUTHORITY\SYSTEM".100041001-9223372036854775807122Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:34:21 PM1eacb7c7-905e-46bf-993c-b138687cc7f4microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\CertificateServicesClient\SystemTask" , instance "taskhostw.exe" with process ID 4272.129041290-9223372036854775808121Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:34:21 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{59D6A8C2-C83B-419D-9B08-5E4537D875B9}" instance of the "\Microsoft\Windows\Windows Error Reporting\QueueReporting" task for user "NT AUTHORITY\SYSTEM".102041022-9223372036854775807120Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:32:21 PM59d6a8c2-c83b-419d-9b08-5e4537d875b9microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\Windows Error Reporting\QueueReporting" , instance "{59D6A8C2-C83B-419D-9B08-5E4537D875B9}" , action "%windir%\system32\wermgr.exe" with return code 0.201242012-9223372036854775808119Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:32:21 PM59d6a8c2-c83b-419d-9b08-5e4537d875b9microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "%windir%\system32\wermgr.exe" in instance "{59D6A8C2-C83B-419D-9B08-5E4537D875B9}" of task "\Microsoft\Windows\Windows Error Reporting\QueueReporting".200142001-9223372036854775808118Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:32:21 PM59d6a8c2-c83b-419d-9b08-5e4537d875b9microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{59D6A8C2-C83B-419D-9B08-5E4537D875B9}" instance of the "\Microsoft\Windows\Windows Error Reporting\QueueReporting" task for user "NT AUTHORITY\SYSTEM".100041001-9223372036854775807117Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:32:21 PM59d6a8c2-c83b-419d-9b08-5e4537d875b9microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\Windows Error Reporting\QueueReporting" , instance "%windir%\system32\wermgr.exe" with process ID 2140.129041290-9223372036854775808116Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:32:21 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched "{00000000-0000-0000-0000-000000000000}" instance of task "\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents" according to an event trigger.108041080-9223372036854775808115Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:32:20 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask triggered on eventSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
User "CBCI-794796-1\N-H1-794796-1$" updated Task Scheduler task "\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask"140041400-9223372036854775808114Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441732n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:20:59 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask registration updatedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{FE48C61F-078A-4C9A-AECE-CD27B5D80981}" instance of the "\Microsoft\Windows\Autochk\Proxy" task for user "NT AUTHORITY\SYSTEM".102041022-9223372036854775807113Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:00:30 PMfe48c61f-078a-4c9a-aece-cd27b5d80981microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\Autochk\Proxy" , instance "{FE48C61F-078A-4C9A-AECE-CD27B5D80981}" , action "%windir%\system32\rundll32.exe" with return code 0.201242012-9223372036854775808112Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:00:30 PMfe48c61f-078a-4c9a-aece-cd27b5d80981microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "%windir%\system32\rundll32.exe" in instance "{FE48C61F-078A-4C9A-AECE-CD27B5D80981}" of task "\Microsoft\Windows\Autochk\Proxy".200142001-9223372036854775808111Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:00:30 PMfe48c61f-078a-4c9a-aece-cd27b5d80981microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{FE48C61F-078A-4C9A-AECE-CD27B5D80981}" instance of the "\Microsoft\Windows\Autochk\Proxy" task for user "NT AUTHORITY\SYSTEM".100041001-9223372036854775807110Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:00:30 PMfe48c61f-078a-4c9a-aece-cd27b5d80981microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\Autochk\Proxy" , instance "%windir%\system32\rundll32.exe" with process ID 2748.129041290-9223372036854775808109Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:00:30 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched "{FE48C61F-078A-4C9A-AECE-CD27B5D80981}" instance of task "\Microsoft\Windows\Autochk\Proxy" due to system startup.118041180-9223372036854775808108Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14441504n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 2:00:30 PMfe48c61f-078a-4c9a-aece-cd27b5d80981microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask triggered by computer startupSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
User "NT AUTHORITY\SYSTEM" updated Task Scheduler task "\Microsoft\Windows\WindowsUpdate\Scheduled Start"140041400-9223372036854775808107Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442944n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:56:28 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask registration updatedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
User "CBCI-794796-1\N-H1-794796-1$" updated Task Scheduler task "\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask"140041400-9223372036854775808106Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442824n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:50:59 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask registration updatedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{02139AF5-0DEA-4F33-B591-39B2283CF357}" instance of the "\Microsoft\XblGameSave\XblGameSaveTask" task for user "NT AUTHORITY\SYSTEM".102041022-9223372036854775807105Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442712n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:30:29 PM02139af5-0dea-4f33-b591-39b2283cf357microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\XblGameSave\XblGameSaveTask" , instance "{02139AF5-0DEA-4F33-B591-39B2283CF357}" , action "%windir%\System32\XblGameSaveTask.exe" with return code 0.201242012-9223372036854775808104Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442712n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:30:29 PM02139af5-0dea-4f33-b591-39b2283cf357microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "%windir%\System32\XblGameSaveTask.exe" in instance "{02139AF5-0DEA-4F33-B591-39B2283CF357}" of task "\Microsoft\XblGameSave\XblGameSaveTask".200142001-9223372036854775808103Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442712n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:30:29 PM02139af5-0dea-4f33-b591-39b2283cf357microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{02139AF5-0DEA-4F33-B591-39B2283CF357}" instance of the "\Microsoft\XblGameSave\XblGameSaveTask" task for user "NT AUTHORITY\SYSTEM".100041001-9223372036854775807102Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442712n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:30:29 PM02139af5-0dea-4f33-b591-39b2283cf357microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\XblGameSave\XblGameSaveTask" , instance "%windir%\System32\XblGameSaveTask.exe" with process ID 4996.129041290-9223372036854775808101Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442712n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:30:29 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
User "System" disabled Task Scheduler task "\Microsoft\Windows\UpdateOrchestrator\Resume On Boot"142041420-9223372036854775808100Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442824n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:29:33 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask disabledSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
User "CBCI-794796-1\N-H1-794796-1$" updated Task Scheduler task "\Microsoft\Windows\UpdateOrchestrator\Schedule Scan"140041400-922337203685477580899Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442052n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:29:30 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask registration updatedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{9C8FD71C-6FB3-4415-8A13-73EC53ACC641}" instance of the "\Microsoft\Windows\UpdateOrchestrator\Schedule Scan" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580798Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442944n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:29:29 PM9c8fd71c-6fb3-4415-8a13-73ec53acc641microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\UpdateOrchestrator\Schedule Scan" , instance "{9C8FD71C-6FB3-4415-8A13-73EC53ACC641}" , action "%systemroot%\system32\usoclient.exe" with return code 0.201242012-922337203685477580897Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442944n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:29:29 PM9c8fd71c-6fb3-4415-8a13-73ec53acc641microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
User "System" updated Task Scheduler task "\Microsoft\Windows\UpdateOrchestrator\Resume On Boot"140041400-922337203685477580896Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442876n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:29:29 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask registration updatedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "%systemroot%\system32\usoclient.exe" in instance "{9C8FD71C-6FB3-4415-8A13-73EC53ACC641}" of task "\Microsoft\Windows\UpdateOrchestrator\Schedule Scan".200142001-922337203685477580895Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14443036n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:29:28 PM9c8fd71c-6fb3-4415-8a13-73ec53acc641microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{9C8FD71C-6FB3-4415-8A13-73EC53ACC641}" instance of the "\Microsoft\Windows\UpdateOrchestrator\Schedule Scan" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580794Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14443036n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:29:28 PM9c8fd71c-6fb3-4415-8a13-73ec53acc641microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\UpdateOrchestrator\Schedule Scan" , instance "%systemroot%\system32\usoclient.exe" with process ID 2828.129041290-922337203685477580893Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14443036n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:29:28 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler could not launch task "\Microsoft\Windows\UpdateOrchestrator\Schedule Scan" as scheduled. Instance "{9C8FD71C-6FB3-4415-8A13-73EC53ACC641}" is started now as required by the configuration option to start the task when available, if schedule is missed.114031140-922337203685477580892Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14443036n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:29:28 PM9c8fd71c-6fb3-4415-8a13-73ec53acc641microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkWarningInfoMissed task startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{96F27634-570A-42AD-92AE-F61D73FAB358}" instance of the "\Microsoft\Windows\Windows Error Reporting\QueueReporting" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580791Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442768n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:23:29 PM96f27634-570a-42ad-92ae-f61d73fab358microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\Windows Error Reporting\QueueReporting" , instance "{96F27634-570A-42AD-92AE-F61D73FAB358}" , action "%windir%\system32\wermgr.exe" with return code 0.201242012-922337203685477580890Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442768n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:23:29 PM96f27634-570a-42ad-92ae-f61d73fab358microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "%windir%\system32\wermgr.exe" in instance "{96F27634-570A-42AD-92AE-F61D73FAB358}" of task "\Microsoft\Windows\Windows Error Reporting\QueueReporting".200142001-922337203685477580889Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442768n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:23:29 PM96f27634-570a-42ad-92ae-f61d73fab358microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{96F27634-570A-42AD-92AE-F61D73FAB358}" instance of the "\Microsoft\Windows\Windows Error Reporting\QueueReporting" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580788Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442768n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:23:29 PM96f27634-570a-42ad-92ae-f61d73fab358microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\Windows Error Reporting\QueueReporting" , instance "%windir%\system32\wermgr.exe" with process ID 828.129041290-922337203685477580887Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442768n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:23:29 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched "{96F27634-570A-42AD-92AE-F61D73FAB358}" instance of task "\Microsoft\Windows\Windows Error Reporting\QueueReporting" due to system startup.118041180-922337203685477580886Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442768n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:23:29 PM96f27634-570a-42ad-92ae-f61d73fab358microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask triggered by computer startupSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
User "CBCI-794796-1\N-H1-794796-1$" updated Task Scheduler task "\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask"140041400-922337203685477580885Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442768n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:23:02 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask registration updatedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{5CFBC619-435F-4553-9DAB-394A783A41BF}" instance of the "\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580784Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442772n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:22:18 PM5cfbc619-435f-4553-9dab-394a783a41bfmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" , instance "{5CFBC619-435F-4553-9DAB-394A783A41BF}" , action "%windir%\system32\compattelrunner.exe" with return code 0.201242012-922337203685477580883Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442772n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:22:18 PM5cfbc619-435f-4553-9dab-394a783a41bfmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{69461D39-ECA4-40D1-8D39-98733A141481}" instance of the "\Microsoft\Windows\Software Inventory Logging\Configuration" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580782Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442824n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:29 PM69461d39-eca4-40d1-8d39-98733a141481microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\Software Inventory Logging\Configuration" , instance "{69461D39-ECA4-40D1-8D39-98733A141481}" , action "%systemroot%\system32\cmd.exe" with return code 0.201242012-922337203685477580881Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442824n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:29 PM69461d39-eca4-40d1-8d39-98733a141481microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "%systemroot%\system32\cmd.exe" in instance "{69461D39-ECA4-40D1-8D39-98733A141481}" of task "\Microsoft\Windows\Software Inventory Logging\Configuration".200142001-922337203685477580880Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442824n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:29 PM69461d39-eca4-40d1-8d39-98733a141481microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{69461D39-ECA4-40D1-8D39-98733A141481}" instance of the "\Microsoft\Windows\Software Inventory Logging\Configuration" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580779Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442824n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:29 PM69461d39-eca4-40d1-8d39-98733a141481microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\Software Inventory Logging\Configuration" , instance "%systemroot%\system32\cmd.exe" with process ID 5012.129041290-922337203685477580878Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442824n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:29 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched "{69461D39-ECA4-40D1-8D39-98733A141481}" instance of task "\Microsoft\Windows\Software Inventory Logging\Configuration" due to system startup.118041180-922337203685477580877Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442824n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:29 PM69461d39-eca4-40d1-8d39-98733a141481microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask triggered by computer startupSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
User "CBCI-794796-1\N-H1-794796-1$" updated Task Scheduler task "\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask"140041400-922337203685477580876Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442052n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:07 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask registration updatedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{879B608E-9747-47A7-AF39-2AA4E783A971}" instance of the "\Microsoft\Windows\TPM\Tpm-Maintenance" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580775Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442052n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:07 PM879b608e-9747-47a7-af39-2aa4e783a971microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\TPM\Tpm-Maintenance" , instance "{879B608E-9747-47A7-AF39-2AA4E783A971}" , action "TPM Maintenance Task Handler" with return code 0.201242012-922337203685477580874Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442052n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:07 PM879b608e-9747-47a7-af39-2aa4e783a971microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "TPM Maintenance Task Handler" in instance "{879B608E-9747-47A7-AF39-2AA4E783A971}" of task "\Microsoft\Windows\TPM\Tpm-Maintenance".200142001-922337203685477580873Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442052n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:07 PM879b608e-9747-47a7-af39-2aa4e783a971microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{879B608E-9747-47A7-AF39-2AA4E783A971}" instance of the "\Microsoft\Windows\TPM\Tpm-Maintenance" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580772Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442052n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:07 PM879b608e-9747-47a7-af39-2aa4e783a971microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\TPM\Tpm-Maintenance" , instance "taskhostw.exe" with process ID 4952.129041290-922337203685477580871Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442052n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:07 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{D242AEA7-7820-464E-9381-3742D28C2B2D}" instance of the "\Microsoft\Windows\CertificateServicesClient\SystemTask" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580770Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442708n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:07 PMd242aea7-7820-464e-9381-3742d28c2b2dmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\CertificateServicesClient\SystemTask" , instance "{D242AEA7-7820-464E-9381-3742D28C2B2D}" , action "Certificate Services Client Task Handler" with return code 0.201242012-922337203685477580869Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442708n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:07 PMd242aea7-7820-464e-9381-3742d28c2b2dmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{292242CA-72C2-459E-B70C-DF4C9938AF0C}" instance of the "\Microsoft\Windows\Plug and Play\Device Install Group Policy" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580768Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442708n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:07 PM292242ca-72c2-459e-b70c-df4c9938af0cmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\Plug and Play\Device Install Group Policy" , instance "{292242CA-72C2-459E-B70C-DF4C9938AF0C}" , action "Device Installation Group Policy Task Handler" with return code 0.201242012-922337203685477580867Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442708n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:07 PM292242ca-72c2-459e-b70c-df4c9938af0cmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "Device Installation Group Policy Task Handler" in instance "{292242CA-72C2-459E-B70C-DF4C9938AF0C}" of task "\Microsoft\Windows\Plug and Play\Device Install Group Policy".200142001-922337203685477580866Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442768n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:07 PM292242ca-72c2-459e-b70c-df4c9938af0cmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{292242CA-72C2-459E-B70C-DF4C9938AF0C}" instance of the "\Microsoft\Windows\Plug and Play\Device Install Group Policy" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580765Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442768n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:07 PM292242ca-72c2-459e-b70c-df4c9938af0cmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "Certificate Services Client Task Handler" in instance "{D242AEA7-7820-464E-9381-3742D28C2B2D}" of task "\Microsoft\Windows\CertificateServicesClient\SystemTask".200142001-922337203685477580864Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442768n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:07 PMd242aea7-7820-464e-9381-3742d28c2b2dmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{D242AEA7-7820-464E-9381-3742D28C2B2D}" instance of the "\Microsoft\Windows\CertificateServicesClient\SystemTask" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580763Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442768n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:07 PMd242aea7-7820-464e-9381-3742d28c2b2dmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\CertificateServicesClient\SystemTask" , instance "taskhostw.exe" with process ID 4504.129041290-922337203685477580862Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442768n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:21:07 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{DC12ADC0-D35E-4D9E-8578-77D17450B39A}" instance of the "\Microsoft\Windows\TPM\Tpm-Maintenance" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580761Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442768n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:58 PMdc12adc0-d35e-4d9e-8578-77d17450b39amicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\TPM\Tpm-Maintenance" , instance "{DC12ADC0-D35E-4D9E-8578-77D17450B39A}" , action "TPM Maintenance Task Handler" with return code 0.201242012-922337203685477580860Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442768n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:58 PMdc12adc0-d35e-4d9e-8578-77d17450b39amicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "TPM Maintenance Task Handler" in instance "{DC12ADC0-D35E-4D9E-8578-77D17450B39A}" of task "\Microsoft\Windows\TPM\Tpm-Maintenance".200142001-922337203685477580859Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442768n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:58 PMdc12adc0-d35e-4d9e-8578-77d17450b39amicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{DC12ADC0-D35E-4D9E-8578-77D17450B39A}" instance of the "\Microsoft\Windows\TPM\Tpm-Maintenance" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580758Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442768n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:58 PMdc12adc0-d35e-4d9e-8578-77d17450b39amicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\TPM\Tpm-Maintenance" , instance "taskhostw.exe" with process ID 4312.129041290-922337203685477580857Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442768n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:58 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{32F93D85-C984-48BF-B2C1-25FED59B7EB3}" instance of the "\Microsoft\Windows\Plug and Play\Device Install Group Policy" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580756Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442772n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:58 PM32f93d85-c984-48bf-b2c1-25fed59b7eb3microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\Plug and Play\Device Install Group Policy" , instance "{32F93D85-C984-48BF-B2C1-25FED59B7EB3}" , action "Device Installation Group Policy Task Handler" with return code 0.201242012-922337203685477580855Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442772n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:58 PM32f93d85-c984-48bf-b2c1-25fed59b7eb3microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "Device Installation Group Policy Task Handler" in instance "{32F93D85-C984-48BF-B2C1-25FED59B7EB3}" of task "\Microsoft\Windows\Plug and Play\Device Install Group Policy".200142001-922337203685477580854Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442772n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:58 PM32f93d85-c984-48bf-b2c1-25fed59b7eb3microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{32F93D85-C984-48BF-B2C1-25FED59B7EB3}" instance of the "\Microsoft\Windows\Plug and Play\Device Install Group Policy" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580753Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442772n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:58 PM32f93d85-c984-48bf-b2c1-25fed59b7eb3microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\Plug and Play\Device Install Group Policy" , instance "taskhostw.exe" with process ID 4336.129041290-922337203685477580852Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442772n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:58 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{027F4ACA-1F16-4836-8B7C-FDD19453E956}" instance of the "\Microsoft\Windows\CertificateServicesClient\SystemTask" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580751Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442712n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:58 PM027f4aca-1f16-4836-8b7c-fdd19453e956microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\CertificateServicesClient\SystemTask" , instance "{027F4ACA-1F16-4836-8B7C-FDD19453E956}" , action "Certificate Services Client Task Handler" with return code 0.201242012-922337203685477580850Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442712n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:58 PM027f4aca-1f16-4836-8b7c-fdd19453e956microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "Certificate Services Client Task Handler" in instance "{027F4ACA-1F16-4836-8B7C-FDD19453E956}" of task "\Microsoft\Windows\CertificateServicesClient\SystemTask".200142001-922337203685477580849Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442052n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:58 PM027f4aca-1f16-4836-8b7c-fdd19453e956microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{027F4ACA-1F16-4836-8B7C-FDD19453E956}" instance of the "\Microsoft\Windows\CertificateServicesClient\SystemTask" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580748Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442052n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:58 PM027f4aca-1f16-4836-8b7c-fdd19453e956microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\CertificateServicesClient\SystemTask" , instance "taskhostw.exe" with process ID 4452.129041290-922337203685477580847Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442052n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:58 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{9855043D-03AC-453F-A842-C2167C6A9FA3}" instance of the "\Microsoft\Windows\Windows Error Reporting\QueueReporting" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580746Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:53 PM9855043d-03ac-453f-a842-c2167c6a9fa3microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\Windows Error Reporting\QueueReporting" , instance "{9855043D-03AC-453F-A842-C2167C6A9FA3}" , action "%windir%\system32\wermgr.exe" with return code 0.201242012-922337203685477580845Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:53 PM9855043d-03ac-453f-a842-c2167c6a9fa3microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{F4D427EB-8657-42C3-AC2B-5BC95E7E2295}" instance of the "\Microsoft\Windows\CertificateServicesClient\SystemTask" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580744Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:51 PMf4d427eb-8657-42c3-ac2b-5bc95e7e2295microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\CertificateServicesClient\SystemTask" , instance "{F4D427EB-8657-42C3-AC2B-5BC95E7E2295}" , action "Certificate Services Client Task Handler" with return code 0.201242012-922337203685477580843Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:51 PMf4d427eb-8657-42c3-ac2b-5bc95e7e2295microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{0E67A857-B0ED-4DE5-B5F4-1125FFBADD6B}" instance of the "\Microsoft\Windows\CertificateServicesClient\SystemTask" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580742Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:51 PM0e67a857-b0ed-4de5-b5f4-1125ffbadd6bmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\CertificateServicesClient\SystemTask" , instance "{0E67A857-B0ED-4DE5-B5F4-1125FFBADD6B}" , action "Certificate Services Client Task Handler" with return code 0.201242012-922337203685477580841Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:51 PM0e67a857-b0ed-4de5-b5f4-1125ffbadd6bmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{FEA8A9E9-0E83-4DC3-8F48-C7474290CFF7}" instance of the "\Microsoft\Windows\TPM\Tpm-Maintenance" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580740Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:51 PMfea8a9e9-0e83-4dc3-8f48-c7474290cff7microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\TPM\Tpm-Maintenance" , instance "{FEA8A9E9-0E83-4DC3-8F48-C7474290CFF7}" , action "TPM Maintenance Task Handler" with return code 0.201242012-922337203685477580839Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:51 PMfea8a9e9-0e83-4dc3-8f48-c7474290cff7microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "TPM Maintenance Task Handler" in instance "{FEA8A9E9-0E83-4DC3-8F48-C7474290CFF7}" of task "\Microsoft\Windows\TPM\Tpm-Maintenance".200142001-922337203685477580838Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14443652n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:51 PMfea8a9e9-0e83-4dc3-8f48-c7474290cff7microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{FEA8A9E9-0E83-4DC3-8F48-C7474290CFF7}" instance of the "\Microsoft\Windows\TPM\Tpm-Maintenance" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580737Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14443652n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:51 PMfea8a9e9-0e83-4dc3-8f48-c7474290cff7microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{FDC1419D-EB1E-45B2-8A37-CA30B761B09D}" instance of the "\Microsoft\Windows\TPM\Tpm-Maintenance" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580736Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:51 PMfdc1419d-eb1e-45b2-8a37-ca30b761b09dmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\TPM\Tpm-Maintenance" , instance "{FDC1419D-EB1E-45B2-8A37-CA30B761B09D}" , action "TPM Maintenance Task Handler" with return code 0.201242012-922337203685477580835Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:51 PMfdc1419d-eb1e-45b2-8a37-ca30b761b09dmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "TPM Maintenance Task Handler" in instance "{FDC1419D-EB1E-45B2-8A37-CA30B761B09D}" of task "\Microsoft\Windows\TPM\Tpm-Maintenance".200142001-922337203685477580834Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442416n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:51 PMfdc1419d-eb1e-45b2-8a37-ca30b761b09dmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{FDC1419D-EB1E-45B2-8A37-CA30B761B09D}" instance of the "\Microsoft\Windows\TPM\Tpm-Maintenance" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580733Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442416n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:51 PMfdc1419d-eb1e-45b2-8a37-ca30b761b09dmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{21FE56CD-4F6B-4C82-9159-9708846747A2}" instance of the "\Microsoft\Windows\TPM\Tpm-Maintenance" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580732Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:51 PM21fe56cd-4f6b-4c82-9159-9708846747a2microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\TPM\Tpm-Maintenance" , instance "{21FE56CD-4F6B-4C82-9159-9708846747A2}" , action "TPM Maintenance Task Handler" with return code 0.201242012-922337203685477580831Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:51 PM21fe56cd-4f6b-4c82-9159-9708846747a2microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{593BB152-6797-4C49-9987-405160BC65FC}" instance of the "\Microsoft\Windows\Plug and Play\Device Install Group Policy" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580730Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:51 PM593bb152-6797-4c49-9987-405160bc65fcmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\Plug and Play\Device Install Group Policy" , instance "{593BB152-6797-4C49-9987-405160BC65FC}" , action "Device Installation Group Policy Task Handler" with return code 0.201242012-922337203685477580829Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:51 PM593bb152-6797-4c49-9987-405160bc65fcmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "Device Installation Group Policy Task Handler" in instance "{593BB152-6797-4C49-9987-405160BC65FC}" of task "\Microsoft\Windows\Plug and Play\Device Install Group Policy".200142001-922337203685477580828Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14443652n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:51 PM593bb152-6797-4c49-9987-405160bc65fcmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{593BB152-6797-4C49-9987-405160BC65FC}" instance of the "\Microsoft\Windows\Plug and Play\Device Install Group Policy" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580727Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14443652n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:51 PM593bb152-6797-4c49-9987-405160bc65fcmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{6A64F648-FA91-4045-BE35-5403714DBC6C}" instance of the "\Microsoft\Windows\Plug and Play\Device Install Group Policy" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580726Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:51 PM6a64f648-fa91-4045-be35-5403714dbc6cmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\Plug and Play\Device Install Group Policy" , instance "{6A64F648-FA91-4045-BE35-5403714DBC6C}" , action "Device Installation Group Policy Task Handler" with return code 0.201242012-922337203685477580825Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:51 PM6a64f648-fa91-4045-be35-5403714dbc6cmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "%windir%\system32\wermgr.exe" in instance "{9855043D-03AC-453F-A842-C2167C6A9FA3}" of task "\Microsoft\Windows\Windows Error Reporting\QueueReporting".200142001-922337203685477580824Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:48 PM9855043d-03ac-453f-a842-c2167c6a9fa3microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{9855043D-03AC-453F-A842-C2167C6A9FA3}" instance of the "\Microsoft\Windows\Windows Error Reporting\QueueReporting" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580723Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:48 PM9855043d-03ac-453f-a842-c2167c6a9fa3microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\Windows Error Reporting\QueueReporting" , instance "%windir%\system32\wermgr.exe" with process ID 4692.129041290-922337203685477580822Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:48 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched "{00000000-0000-0000-0000-000000000000}" instance of task "\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents" according to an event trigger.108041080-922337203685477580821Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:48 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask triggered on eventSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "Certificate Services Client Task Handler" in instance "{F4D427EB-8657-42C3-AC2B-5BC95E7E2295}" of task "\Microsoft\Windows\CertificateServicesClient\SystemTask".200142001-922337203685477580820Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:39 PMf4d427eb-8657-42c3-ac2b-5bc95e7e2295microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{F4D427EB-8657-42C3-AC2B-5BC95E7E2295}" instance of the "\Microsoft\Windows\CertificateServicesClient\SystemTask" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580719Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:39 PMf4d427eb-8657-42c3-ac2b-5bc95e7e2295microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched "{F4D427EB-8657-42C3-AC2B-5BC95E7E2295}" instance of task "\Microsoft\Windows\CertificateServicesClient\SystemTask" due to system startup.118041180-922337203685477580818Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:39 PMf4d427eb-8657-42c3-ac2b-5bc95e7e2295microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoTask triggered by computer startupSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully finished "{66D76F2D-6802-4FAF-B583-532FA84637D7}" instance of the "\Microsoft\Windows\CertificateServicesClient\SystemTask" task for user "NT AUTHORITY\SYSTEM".102041022-922337203685477580717Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:35 PM66d76f2d-6802-4faf-b583-532fa84637d7microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopTask completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler successfully completed task "\Microsoft\Windows\CertificateServicesClient\SystemTask" , instance "{66D76F2D-6802-4FAF-B583-532FA84637D7}" , action "Certificate Services Client Task Handler" with return code 0.201242012-922337203685477580816Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:35 PM66d76f2d-6802-4faf-b583-532fa84637d7microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStopAction completedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler queued instance "{FEA8A9E9-0E83-4DC3-8F48-C7474290CFF7}" of task "\Microsoft\Windows\TPM\Tpm-Maintenance" and will launch it as soon as instance "{21FE56CD-4F6B-4C82-9159-9708846747A2}" completes.324033240-922337203685477580815Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:33 PMfea8a9e9-0e83-4dc3-8f48-c7474290cff7microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkWarningInfoLaunch request queued, instance already runningSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler queued instance "{593BB152-6797-4C49-9987-405160BC65FC}" of task "\Microsoft\Windows\Plug and Play\Device Install Group Policy" and will launch it as soon as instance "{6A64F648-FA91-4045-BE35-5403714DBC6C}" completes.324033240-922337203685477580814Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442304n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:33 PM593bb152-6797-4c49-9987-405160bc65fcmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkWarningInfoLaunch request queued, instance already runningSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler queued instance "{FDC1419D-EB1E-45B2-8A37-CA30B761B09D}" of task "\Microsoft\Windows\TPM\Tpm-Maintenance" and will launch it as soon as instance "{21FE56CD-4F6B-4C82-9159-9708846747A2}" completes.324033240-922337203685477580813Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442052n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:33 PMfdc1419d-eb1e-45b2-8a37-ca30b761b09dmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkWarningInfoLaunch request queued, instance already runningSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "Certificate Services Client Task Handler" in instance "{66D76F2D-6802-4FAF-B583-532FA84637D7}" of task "\Microsoft\Windows\CertificateServicesClient\SystemTask".200142001-922337203685477580812Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442876n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:33 PM66d76f2d-6802-4faf-b583-532fa84637d7microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{66D76F2D-6802-4FAF-B583-532FA84637D7}" instance of the "\Microsoft\Windows\CertificateServicesClient\SystemTask" task for user "NT AUTHORITY\SYSTEM".100041001-922337203685477580711Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442876n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:33 PM66d76f2d-6802-4faf-b583-532fa84637d7microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "Device Installation Group Policy Task Handler" in instance "{6A64F648-FA91-4045-BE35-5403714DBC6C}" of task "\Microsoft\Windows\Plug and Play\Device Install Group Policy".200142001-922337203685477580810Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442876n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:33 PM6a64f648-fa91-4045-be35-5403714dbc6cmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{6A64F648-FA91-4045-BE35-5403714DBC6C}" instance of the "\Microsoft\Windows\Plug and Play\Device Install Group Policy" task for user "NT AUTHORITY\SYSTEM".100041001-92233720368547758079Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442876n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:33 PM6a64f648-fa91-4045-be35-5403714dbc6cmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "Certificate Services Client Task Handler" in instance "{0E67A857-B0ED-4DE5-B5F4-1125FFBADD6B}" of task "\Microsoft\Windows\CertificateServicesClient\SystemTask".200142001-92233720368547758088Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442708n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:33 PM0e67a857-b0ed-4de5-b5f4-1125ffbadd6bmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{0E67A857-B0ED-4DE5-B5F4-1125FFBADD6B}" instance of the "\Microsoft\Windows\CertificateServicesClient\SystemTask" task for user "NT AUTHORITY\SYSTEM".100041001-92233720368547758077Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442708n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:33 PM0e67a857-b0ed-4de5-b5f4-1125ffbadd6bmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "%windir%\system32\compattelrunner.exe" in instance "{5CFBC619-435F-4553-9DAB-394A783A41BF}" of task "\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser".200142001-92233720368547758086Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14443056n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:30 PM5cfbc619-435f-4553-9dab-394a783a41bfmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{5CFBC619-435F-4553-9DAB-394A783A41BF}" instance of the "\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" task for user "NT AUTHORITY\SYSTEM".100041001-92233720368547758075Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14443056n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:30 PM5cfbc619-435f-4553-9dab-394a783a41bfmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" , instance "%windir%\system32\compattelrunner.exe" with process ID 1880.129041290-92233720368547758084Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14443056n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:30 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launched action "TPM Maintenance Task Handler" in instance "{21FE56CD-4F6B-4C82-9159-9708846747A2}" of task "\Microsoft\Windows\TPM\Tpm-Maintenance".200142001-92233720368547758083Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442772n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:30 PM21fe56cd-4f6b-4c82-9159-9708846747a2microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartAction startedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler started "{21FE56CD-4F6B-4C82-9159-9708846747A2}" instance of the "\Microsoft\Windows\TPM\Tpm-Maintenance" task for user "NT AUTHORITY\SYSTEM".100041001-92233720368547758072Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442772n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:30 PM21fe56cd-4f6b-4c82-9159-9708846747a2microsoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationStartTask StartedSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
Task Scheduler launch task "\Microsoft\Windows\TPM\Tpm-Maintenance" , instance "taskhostw.exe" with process ID 2984.129041290-92233720368547758081Microsoft-Windows-TaskSchedulerde7b24ea-73c8-4a09-985d-5bdadcfa9017Microsoft-Windows-TaskScheduler/Operational14442772n-h1-794796-1.cbci-794796-1.localS-1-5-186/4/2021 1:20:30 PMmicrosoft-windows-taskscheduler/operationalSystem.UInt32[]System.Diagnostics.Eventing.Reader.EventBookmarkInformationInfoCreated Task ProcessSystem.Collections.ObjectModel.ReadOnlyCollection`1[System.String]System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]