| Message | Id | Version | Qualifiers | Level | Task | Opcode | Keywords | RecordId | ProviderName | ProviderId | LogName | ProcessId | ThreadId | MachineName | UserId | TimeCreated | ActivityId | RelatedActivityId | ContainerLog | MatchedQueryIds | Bookmark | LevelDisplayName | OpcodeDisplayName | TaskDisplayName | KeywordsDisplayNames | Properties |
|---|
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3510 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 744 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:42:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3509 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 744 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:40:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 17A421CA-344E-40C1-9E84-CE34D51FCFF9--66E0973F-1699-4AB6-8887-32905FC9A133 (Friendly Name: 6a023a01-59a0-4721-928e-0225b6ab5787). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3508 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4216 | 4660 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-396632522-1086403662-885949598-4191100885 | 7/8/2021 6:40:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 17A421CA-344E-40C1-9E84-CE34D51FCFF9--66E0973F-1699-4AB6-8887-32905FC9A133 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3507 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4216 | 4660 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-396632522-1086403662-885949598-4191100885 | 7/8/2021 6:40:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3506 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 744 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:37:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3505 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:36:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3504 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:36:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3503 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 3372 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:35:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 17A421CA-344E-40C1-9E84-CE34D51FCFF9--66E0973F-1699-4AB6-8887-32905FC9A133 (Friendly Name: 6a023a01-59a0-4721-928e-0225b6ab5787) successfully connected to port 40B02C07-6C85-4950-9F36-24E424C1E828 (Friendly Name: 6a023a01-59a0-4721-928e-0225b6ab5787) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3502 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4216 | 3804 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-396632522-1086403662-885949598-4191100885 | 7/8/2021 6:35:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 17A421CA-344E-40C1-9E84-CE34D51FCFF9--66E0973F-1699-4AB6-8887-32905FC9A133 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3501 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4216 | 3804 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:35:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 0431A641-D43C-4269-8DA2-3467787E1CBC--E39A34CB-CCC0-4B30-AFA8-EAFAD3DFDC46 (Friendly Name: e78bdde3-912c-423b-a5c6-194fc4f5df56). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3500 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3616 | 4040 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-70362689-1114231868-1731502733-3155983992 | 7/8/2021 6:35:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 0431A641-D43C-4269-8DA2-3467787E1CBC--E39A34CB-CCC0-4B30-AFA8-EAFAD3DFDC46 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3499 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3616 | 4040 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-70362689-1114231868-1731502733-3155983992 | 7/8/2021 6:35:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 0431A641-D43C-4269-8DA2-3467787E1CBC--E39A34CB-CCC0-4B30-AFA8-EAFAD3DFDC46 (Friendly Name: e78bdde3-912c-423b-a5c6-194fc4f5df56) successfully connected to port 00BE360D-C9E2-436F-A472-710B5D861F66 (Friendly Name: e78bdde3-912c-423b-a5c6-194fc4f5df56) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3498 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3616 | 4288 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-70362689-1114231868-1731502733-3155983992 | 7/8/2021 6:33:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 0431A641-D43C-4269-8DA2-3467787E1CBC--E39A34CB-CCC0-4B30-AFA8-EAFAD3DFDC46 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3497 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3616 | 4288 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:33:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3496 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 2068 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:33:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3495 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 2068 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:33:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 5021B728-6035-42B6-BCF8-BBEC904A790A--E093C90B-D24E-4876-B3D5-D7D3DEC2A216 (Friendly Name: e78bdde3-912c-423b-a5c6-194fc4f5df56). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3494 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2224 | 1616 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1344386856-1119248437-3971741884-175721104 | 7/8/2021 6:33:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 5021B728-6035-42B6-BCF8-BBEC904A790A--E093C90B-D24E-4876-B3D5-D7D3DEC2A216 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3493 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2224 | 1616 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1344386856-1119248437-3971741884-175721104 | 7/8/2021 6:33:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3492 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 3372 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:33:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3491 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 3372 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:33:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 5021B728-6035-42B6-BCF8-BBEC904A790A--E093C90B-D24E-4876-B3D5-D7D3DEC2A216 (Friendly Name: e78bdde3-912c-423b-a5c6-194fc4f5df56) successfully connected to port F6139C76-EA67-45FB-9389-A1436671F193 (Friendly Name: e78bdde3-912c-423b-a5c6-194fc4f5df56) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3490 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2224 | 3308 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1344386856-1119248437-3971741884-175721104 | 7/8/2021 6:31:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 5021B728-6035-42B6-BCF8-BBEC904A790A--E093C90B-D24E-4876-B3D5-D7D3DEC2A216 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3489 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2224 | 3308 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:31:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3488 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 3372 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:31:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic B7CFF685-117C-453C-B0B8-2C627E487E76--D959A25D-3BD9-4967-8379-AB560A73C1B8 (Friendly Name: 83fb4cda-39ad-4342-8a47-fd88c1d51290). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3487 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3820 | 604 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3083859589-1161564540-1647098032-1987987582 | 7/8/2021 6:30:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B7CFF685-117C-453C-B0B8-2C627E487E76--D959A25D-3BD9-4967-8379-AB560A73C1B8 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3486 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3820 | 604 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3083859589-1161564540-1647098032-1987987582 | 7/8/2021 6:30:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B7CFF685-117C-453C-B0B8-2C627E487E76--D959A25D-3BD9-4967-8379-AB560A73C1B8 (Friendly Name: 83fb4cda-39ad-4342-8a47-fd88c1d51290) successfully connected to port D94858B3-61D6-43F5-A493-F412A7BFD69A (Friendly Name: 83fb4cda-39ad-4342-8a47-fd88c1d51290) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3485 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3820 | 1876 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3083859589-1161564540-1647098032-1987987582 | 7/8/2021 6:29:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic B7CFF685-117C-453C-B0B8-2C627E487E76--D959A25D-3BD9-4967-8379-AB560A73C1B8 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3484 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3820 | 1876 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:29:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3483 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 140 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:29:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 85523D32-C227-4940-A22A-E4D6B85E0B2D--90356919-2C4B-4A14-BECA-98E1EB5953CE (Friendly Name: 83fb4cda-39ad-4342-8a47-fd88c1d51290). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3482 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4292 | 4776 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2236759346-1228980775-3605277346-755719864 | 7/8/2021 6:28:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 85523D32-C227-4940-A22A-E4D6B85E0B2D--90356919-2C4B-4A14-BECA-98E1EB5953CE successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3481 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4292 | 4776 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2236759346-1228980775-3605277346-755719864 | 7/8/2021 6:28:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3480 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 140 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:28:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 85523D32-C227-4940-A22A-E4D6B85E0B2D--90356919-2C4B-4A14-BECA-98E1EB5953CE (Friendly Name: 83fb4cda-39ad-4342-8a47-fd88c1d51290) successfully connected to port 9E0E108D-2A37-422F-A45D-ADBE6B793F9F (Friendly Name: 83fb4cda-39ad-4342-8a47-fd88c1d51290) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3479 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4292 | 4624 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2236759346-1228980775-3605277346-755719864 | 7/8/2021 6:26:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 85523D32-C227-4940-A22A-E4D6B85E0B2D--90356919-2C4B-4A14-BECA-98E1EB5953CE (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3478 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4292 | 4624 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:26:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 9355BB1D-127D-4A3C-983C-C78B0B06B305--6154BA44-8CF8-4BF6-BD7B-4E7E36F19443 (Friendly Name: 69766342-f2db-41b9-bf2d-6a15b75a611e). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3477 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1840 | 672 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2471869213-1245450877-2345090200-95618571 | 7/8/2021 6:26:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9355BB1D-127D-4A3C-983C-C78B0B06B305--6154BA44-8CF8-4BF6-BD7B-4E7E36F19443 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3476 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1840 | 672 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2471869213-1245450877-2345090200-95618571 | 7/8/2021 6:26:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9355BB1D-127D-4A3C-983C-C78B0B06B305--6154BA44-8CF8-4BF6-BD7B-4E7E36F19443 (Friendly Name: 69766342-f2db-41b9-bf2d-6a15b75a611e) successfully connected to port 25F2C5AF-963E-4BA4-8A78-C7700521AD75 (Friendly Name: 69766342-f2db-41b9-bf2d-6a15b75a611e) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3475 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1840 | 1564 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2471869213-1245450877-2345090200-95618571 | 7/8/2021 6:26:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 9355BB1D-127D-4A3C-983C-C78B0B06B305--6154BA44-8CF8-4BF6-BD7B-4E7E36F19443 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3474 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1840 | 1564 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:26:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 9355BB1D-127D-4A3C-983C-C78B0B06B305--6154BA44-8CF8-4BF6-BD7B-4E7E36F19443 (Friendly Name: 69766342-f2db-41b9-bf2d-6a15b75a611e). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3473 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3424 | 3108 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2471869213-1245450877-2345090200-95618571 | 7/8/2021 6:26:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9355BB1D-127D-4A3C-983C-C78B0B06B305--6154BA44-8CF8-4BF6-BD7B-4E7E36F19443 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3472 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3424 | 3108 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2471869213-1245450877-2345090200-95618571 | 7/8/2021 6:26:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9355BB1D-127D-4A3C-983C-C78B0B06B305--6154BA44-8CF8-4BF6-BD7B-4E7E36F19443 (Friendly Name: 69766342-f2db-41b9-bf2d-6a15b75a611e) successfully connected to port 25F2C5AF-963E-4BA4-8A78-C7700521AD75 (Friendly Name: 69766342-f2db-41b9-bf2d-6a15b75a611e) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3471 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3424 | 4180 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2471869213-1245450877-2345090200-95618571 | 7/8/2021 6:25:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 9355BB1D-127D-4A3C-983C-C78B0B06B305--6154BA44-8CF8-4BF6-BD7B-4E7E36F19443 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3470 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3424 | 4180 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:25:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 881BEA9D-910D-4924-A1D1-F423453D9C96--B6B19B0A-A555-4484-BF28-C387F6C28F5B (Friendly Name: 633d07d9-9821-4cd0-850c-93c9893864f1). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3469 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3292 | 1488 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2283530909-1227133197-603247009-2526821701 | 7/8/2021 6:25:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 881BEA9D-910D-4924-A1D1-F423453D9C96--B6B19B0A-A555-4484-BF28-C387F6C28F5B successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3468 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3292 | 1488 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2283530909-1227133197-603247009-2526821701 | 7/8/2021 6:25:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 881BEA9D-910D-4924-A1D1-F423453D9C96--B6B19B0A-A555-4484-BF28-C387F6C28F5B (Friendly Name: 633d07d9-9821-4cd0-850c-93c9893864f1) successfully connected to port E8D8317D-9C4B-4E2B-B729-0D822954A356 (Friendly Name: 633d07d9-9821-4cd0-850c-93c9893864f1) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3467 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3292 | 4560 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2283530909-1227133197-603247009-2526821701 | 7/8/2021 6:24:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 881BEA9D-910D-4924-A1D1-F423453D9C96--B6B19B0A-A555-4484-BF28-C387F6C28F5B (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3466 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3292 | 4560 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:24:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 881BEA9D-910D-4924-A1D1-F423453D9C96--B6B19B0A-A555-4484-BF28-C387F6C28F5B (Friendly Name: 633d07d9-9821-4cd0-850c-93c9893864f1). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3465 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 688 | 4304 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2283530909-1227133197-603247009-2526821701 | 7/8/2021 6:24:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 881BEA9D-910D-4924-A1D1-F423453D9C96--B6B19B0A-A555-4484-BF28-C387F6C28F5B successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3464 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 688 | 4304 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2283530909-1227133197-603247009-2526821701 | 7/8/2021 6:24:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 881BEA9D-910D-4924-A1D1-F423453D9C96--B6B19B0A-A555-4484-BF28-C387F6C28F5B (Friendly Name: 633d07d9-9821-4cd0-850c-93c9893864f1) successfully connected to port E8D8317D-9C4B-4E2B-B729-0D822954A356 (Friendly Name: 633d07d9-9821-4cd0-850c-93c9893864f1) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3463 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 688 | 3628 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2283530909-1227133197-603247009-2526821701 | 7/8/2021 6:23:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 881BEA9D-910D-4924-A1D1-F423453D9C96--B6B19B0A-A555-4484-BF28-C387F6C28F5B (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3462 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 688 | 3628 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:23:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 4082DA5D-936C-45D9-84B5-AC4C7FD2DEA2--F5EF37B6-84BF-46E4-856C-B79C4BA7C16B (Friendly Name: 7c42942c-5772-4496-a64f-f03317640d61). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3461 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4824 | 4008 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1082317405-1171886956-1286387076-2732511871 | 7/8/2021 6:22:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4082DA5D-936C-45D9-84B5-AC4C7FD2DEA2--F5EF37B6-84BF-46E4-856C-B79C4BA7C16B successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3460 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4824 | 4008 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1082317405-1171886956-1286387076-2732511871 | 7/8/2021 6:22:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4082DA5D-936C-45D9-84B5-AC4C7FD2DEA2--F5EF37B6-84BF-46E4-856C-B79C4BA7C16B (Friendly Name: 7c42942c-5772-4496-a64f-f03317640d61) successfully connected to port 1EA1C69A-889C-4D69-8A2F-77DAE83B0A49 (Friendly Name: 7c42942c-5772-4496-a64f-f03317640d61) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3459 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4824 | 100 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1082317405-1171886956-1286387076-2732511871 | 7/8/2021 6:21:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 4082DA5D-936C-45D9-84B5-AC4C7FD2DEA2--F5EF37B6-84BF-46E4-856C-B79C4BA7C16B (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3458 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4824 | 100 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:21:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 4077D04C-F06D-4381-8B10-4043825EC8B4--FC813D51-945D-4CA0-8DC2-4B26473A75D7 (Friendly Name: edd31103-7944-4f1d-98fb-793a9da90151). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3457 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3316 | 4448 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1081593932-1132589165-1128272011-3033030274 | 7/8/2021 6:21:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4077D04C-F06D-4381-8B10-4043825EC8B4--FC813D51-945D-4CA0-8DC2-4B26473A75D7 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3456 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3316 | 4448 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1081593932-1132589165-1128272011-3033030274 | 7/8/2021 6:21:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4077D04C-F06D-4381-8B10-4043825EC8B4--FC813D51-945D-4CA0-8DC2-4B26473A75D7 (Friendly Name: edd31103-7944-4f1d-98fb-793a9da90151) successfully connected to port 1801A8FF-4931-49BF-941E-87683DED388F (Friendly Name: edd31103-7944-4f1d-98fb-793a9da90151) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3455 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3316 | 4912 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1081593932-1132589165-1128272011-3033030274 | 7/8/2021 6:21:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 4077D04C-F06D-4381-8B10-4043825EC8B4--FC813D51-945D-4CA0-8DC2-4B26473A75D7 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3454 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3316 | 4912 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:21:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 4077D04C-F06D-4381-8B10-4043825EC8B4--FC813D51-945D-4CA0-8DC2-4B26473A75D7 (Friendly Name: edd31103-7944-4f1d-98fb-793a9da90151). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3453 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4584 | 4176 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1081593932-1132589165-1128272011-3033030274 | 7/8/2021 6:21:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4077D04C-F06D-4381-8B10-4043825EC8B4--FC813D51-945D-4CA0-8DC2-4B26473A75D7 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3452 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4584 | 4176 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1081593932-1132589165-1128272011-3033030274 | 7/8/2021 6:21:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4077D04C-F06D-4381-8B10-4043825EC8B4--FC813D51-945D-4CA0-8DC2-4B26473A75D7 (Friendly Name: edd31103-7944-4f1d-98fb-793a9da90151) successfully connected to port 1801A8FF-4931-49BF-941E-87683DED388F (Friendly Name: edd31103-7944-4f1d-98fb-793a9da90151) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3451 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4584 | 888 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1081593932-1132589165-1128272011-3033030274 | 7/8/2021 6:20:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 4077D04C-F06D-4381-8B10-4043825EC8B4--FC813D51-945D-4CA0-8DC2-4B26473A75D7 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3450 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4584 | 888 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:20:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3449 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 3860 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:20:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic EDE06B01-8905-4956-821D-CC1F91AFF416--B16C1145-107A-4011-BF40-7CFE3E4FD45D (Friendly Name: 661e7788-d8a6-4099-b1b2-877719724a0b). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3448 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4248 | 3876 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3990907649-1230407941-533470594-385134481 | 7/8/2021 6:19:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC EDE06B01-8905-4956-821D-CC1F91AFF416--B16C1145-107A-4011-BF40-7CFE3E4FD45D successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3447 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4248 | 3876 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3990907649-1230407941-533470594-385134481 | 7/8/2021 6:19:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3446 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 3860 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:19:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3445 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 3860 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:19:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC EDE06B01-8905-4956-821D-CC1F91AFF416--B16C1145-107A-4011-BF40-7CFE3E4FD45D (Friendly Name: 661e7788-d8a6-4099-b1b2-877719724a0b) successfully connected to port 3186B33D-5E25-4105-A9FF-5202B9ECFABE (Friendly Name: 661e7788-d8a6-4099-b1b2-877719724a0b) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3444 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4248 | 736 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3990907649-1230407941-533470594-385134481 | 7/8/2021 6:19:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic EDE06B01-8905-4956-821D-CC1F91AFF416--B16C1145-107A-4011-BF40-7CFE3E4FD45D (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3443 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4248 | 736 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:19:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3442 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 3860 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:19:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 18AC17E7-D538-4B3B-AF69-6DDDEFB1E884--BD4E31AA-E0E1-4D78-8DDE-D963B295D5BB (Friendly Name: b6c41177-39a9-403e-852f-07173eb71a2e). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3441 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4372 | 2904 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-413931495-1262212408-3714935215-2229842415 | 7/8/2021 6:18:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 18AC17E7-D538-4B3B-AF69-6DDDEFB1E884--BD4E31AA-E0E1-4D78-8DDE-D963B295D5BB successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3440 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4372 | 2904 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-413931495-1262212408-3714935215-2229842415 | 7/8/2021 6:18:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 18AC17E7-D538-4B3B-AF69-6DDDEFB1E884--BD4E31AA-E0E1-4D78-8DDE-D963B295D5BB (Friendly Name: b6c41177-39a9-403e-852f-07173eb71a2e) successfully connected to port 99F028E4-1E54-467B-8CAE-2F50C81A0D8C (Friendly Name: b6c41177-39a9-403e-852f-07173eb71a2e) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3439 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4372 | 2904 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-413931495-1262212408-3714935215-2229842415 | 7/8/2021 6:18:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 18AC17E7-D538-4B3B-AF69-6DDDEFB1E884--BD4E31AA-E0E1-4D78-8DDE-D963B295D5BB (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3438 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4372 | 2904 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:18:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 18AC17E7-D538-4B3B-AF69-6DDDEFB1E884--BD4E31AA-E0E1-4D78-8DDE-D963B295D5BB (Friendly Name: b6c41177-39a9-403e-852f-07173eb71a2e). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3437 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4960 | 2944 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-413931495-1262212408-3714935215-2229842415 | 7/8/2021 6:17:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 18AC17E7-D538-4B3B-AF69-6DDDEFB1E884--BD4E31AA-E0E1-4D78-8DDE-D963B295D5BB successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3436 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4960 | 2944 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-413931495-1262212408-3714935215-2229842415 | 7/8/2021 6:17:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3435 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 2068 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:17:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 18AC17E7-D538-4B3B-AF69-6DDDEFB1E884--BD4E31AA-E0E1-4D78-8DDE-D963B295D5BB (Friendly Name: b6c41177-39a9-403e-852f-07173eb71a2e) successfully connected to port 99F028E4-1E54-467B-8CAE-2F50C81A0D8C (Friendly Name: b6c41177-39a9-403e-852f-07173eb71a2e) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3434 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4960 | 5056 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-413931495-1262212408-3714935215-2229842415 | 7/8/2021 6:17:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 18AC17E7-D538-4B3B-AF69-6DDDEFB1E884--BD4E31AA-E0E1-4D78-8DDE-D963B295D5BB (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3433 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4960 | 5056 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:17:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 369C2E32-D2B0-439B-A9C9-6E37FDCF7E1C--8416A87B-7CA0-4267-8416-AEA474A93FEA (Friendly Name: 1cdc6d35-1a1d-4e5f-8fda-1aa6d991fdcf). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3432 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2196 | 2176 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-916205106-1134285488-930007465-478072829 | 7/8/2021 6:16:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 369C2E32-D2B0-439B-A9C9-6E37FDCF7E1C--8416A87B-7CA0-4267-8416-AEA474A93FEA successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3431 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2196 | 2176 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-916205106-1134285488-930007465-478072829 | 7/8/2021 6:16:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 369C2E32-D2B0-439B-A9C9-6E37FDCF7E1C--8416A87B-7CA0-4267-8416-AEA474A93FEA (Friendly Name: 1cdc6d35-1a1d-4e5f-8fda-1aa6d991fdcf) successfully connected to port B5FA44DC-A005-430A-9D99-6861D5684A65 (Friendly Name: 1cdc6d35-1a1d-4e5f-8fda-1aa6d991fdcf) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3430 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2196 | 2176 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-916205106-1134285488-930007465-478072829 | 7/8/2021 6:16:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 369C2E32-D2B0-439B-A9C9-6E37FDCF7E1C--8416A87B-7CA0-4267-8416-AEA474A93FEA (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3429 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2196 | 2176 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:16:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic E5A812F5-6410-4F7D-9F03-21037E801292--95414EDC-D7A9-411F-88E5-94A08753F745 (Friendly Name: 21d7bfef-4afb-4494-83ae-58b7026b7d39). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3428 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1108 | 3420 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3852997365-1333617680-52495263-2450686078 | 7/8/2021 6:15:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC E5A812F5-6410-4F7D-9F03-21037E801292--95414EDC-D7A9-411F-88E5-94A08753F745 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3427 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1108 | 3420 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3852997365-1333617680-52495263-2450686078 | 7/8/2021 6:15:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC E5A812F5-6410-4F7D-9F03-21037E801292--95414EDC-D7A9-411F-88E5-94A08753F745 (Friendly Name: 21d7bfef-4afb-4494-83ae-58b7026b7d39) successfully connected to port 85F2231E-E976-40BD-9F1F-F6C95C5673DC (Friendly Name: 21d7bfef-4afb-4494-83ae-58b7026b7d39) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3426 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1108 | 920 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3852997365-1333617680-52495263-2450686078 | 7/8/2021 6:15:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic E5A812F5-6410-4F7D-9F03-21037E801292--95414EDC-D7A9-411F-88E5-94A08753F745 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3425 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1108 | 920 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:15:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 2333BD31-51C9-4146-B6AA-DB1F5D4197B7--E322B75E-338F-43E3-94AA-DF3D6155A31C (Friendly Name: 3cd40611-15a1-49a9-b3ab-30a98363a3d6). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3424 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3380 | 2700 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-590593329-1095127497-534489782-3080143197 | 7/8/2021 6:14:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 2333BD31-51C9-4146-B6AA-DB1F5D4197B7--E322B75E-338F-43E3-94AA-DF3D6155A31C successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3423 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3380 | 2700 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-590593329-1095127497-534489782-3080143197 | 7/8/2021 6:14:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 2333BD31-51C9-4146-B6AA-DB1F5D4197B7--E322B75E-338F-43E3-94AA-DF3D6155A31C (Friendly Name: 3cd40611-15a1-49a9-b3ab-30a98363a3d6) successfully connected to port E2915B1B-31FE-4952-84F1-9942FE764538 (Friendly Name: 3cd40611-15a1-49a9-b3ab-30a98363a3d6) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3422 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3380 | 2700 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-590593329-1095127497-534489782-3080143197 | 7/8/2021 6:14:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 2333BD31-51C9-4146-B6AA-DB1F5D4197B7--E322B75E-338F-43E3-94AA-DF3D6155A31C (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3421 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3380 | 2700 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:14:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 95A5A998-72F8-4D19-93A3-3A6EE10DB5D8--8AA99D65-59C9-448B-9F9B-B4CBA031D487 (Friendly Name: f5ea1e8c-47cf-4a5b-9db6-4cb69cad5402). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3420 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4816 | 3916 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2510662040-1293513464-1849336723-3635744225 | 7/8/2021 6:14:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 95A5A998-72F8-4D19-93A3-3A6EE10DB5D8--8AA99D65-59C9-448B-9F9B-B4CBA031D487 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3419 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4816 | 3916 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2510662040-1293513464-1849336723-3635744225 | 7/8/2021 6:14:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-1F-31-94 has moved from port 717377B1-5079-4DA6-90BF-6F995D02B688 (Friendly Name: f5ea1e8c-47cf-4a5b-9db6-4cb69cad5402) to port 717377B1-5079-4DA6-90BF-6F995D02B688 (Friendly Name: f5ea1e8c-47cf-4a5b-9db6-4cb69cad5402). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3418 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2672 | 3888 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:14:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 95A5A998-72F8-4D19-93A3-3A6EE10DB5D8--8AA99D65-59C9-448B-9F9B-B4CBA031D487 (Friendly Name: f5ea1e8c-47cf-4a5b-9db6-4cb69cad5402) successfully connected to port 717377B1-5079-4DA6-90BF-6F995D02B688 (Friendly Name: f5ea1e8c-47cf-4a5b-9db6-4cb69cad5402) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3417 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4816 | 588 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2510662040-1293513464-1849336723-3635744225 | 7/8/2021 6:14:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3416 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 2068 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:14:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 95A5A998-72F8-4D19-93A3-3A6EE10DB5D8--8AA99D65-59C9-448B-9F9B-B4CBA031D487 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3415 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4816 | 2296 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:14:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3414 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 2388 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:13:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic E9BFCBC0-F282-4537-B1A4-30093BB359A0--E9A28944-0C6C-40A2-8A9B-0A8C7D03C188 (Friendly Name: f5ea1e8c-47cf-4a5b-9db6-4cb69cad5402). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3413 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4376 | 3048 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3921660864-1161294466-154182833-2690233147 | 7/8/2021 6:13:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC E9BFCBC0-F282-4537-B1A4-30093BB359A0--E9A28944-0C6C-40A2-8A9B-0A8C7D03C188 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3412 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4376 | 3048 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3921660864-1161294466-154182833-2690233147 | 7/8/2021 6:13:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Storage Spaces SMP service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3411 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 2388 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:13:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3410 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 2388 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:13:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Storage Spaces SMP service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3409 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 2696 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:12:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC E9BFCBC0-F282-4537-B1A4-30093BB359A0--E9A28944-0C6C-40A2-8A9B-0A8C7D03C188 (Friendly Name: f5ea1e8c-47cf-4a5b-9db6-4cb69cad5402) successfully connected to port 3D8E5ADD-B63B-4DB5-9727-0FD066EEE19E (Friendly Name: f5ea1e8c-47cf-4a5b-9db6-4cb69cad5402) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3408 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4376 | 2564 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3921660864-1161294466-154182833-2690233147 | 7/8/2021 6:11:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic E9BFCBC0-F282-4537-B1A4-30093BB359A0--E9A28944-0C6C-40A2-8A9B-0A8C7D03C188 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3407 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4376 | 2564 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:11:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 89C27A23-41FA-485E-B66B-8B9893CD7DAB--52F5E10E-A3A7-4BC9-82BD-DE61DD5F7E6E (Friendly Name: 4e49dc00-f74a-4c3a-ab23-cc65a6727cae). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3406 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2140 | 4728 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2311223843-1214136826-2559273910-2877148563 | 7/8/2021 6:11:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 89C27A23-41FA-485E-B66B-8B9893CD7DAB--52F5E10E-A3A7-4BC9-82BD-DE61DD5F7E6E successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3405 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2140 | 4728 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2311223843-1214136826-2559273910-2877148563 | 7/8/2021 6:11:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-65-11-2F has moved from port B7E646FC-E358-4109-ABB0-01DE93E9706E (Friendly Name: 4e49dc00-f74a-4c3a-ab23-cc65a6727cae) to port B7E646FC-E358-4109-ABB0-01DE93E9706E (Friendly Name: 4e49dc00-f74a-4c3a-ab23-cc65a6727cae). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3404 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2672 | 3956 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:11:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 89C27A23-41FA-485E-B66B-8B9893CD7DAB--52F5E10E-A3A7-4BC9-82BD-DE61DD5F7E6E (Friendly Name: 4e49dc00-f74a-4c3a-ab23-cc65a6727cae) successfully connected to port B7E646FC-E358-4109-ABB0-01DE93E9706E (Friendly Name: 4e49dc00-f74a-4c3a-ab23-cc65a6727cae) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3403 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2140 | 936 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2311223843-1214136826-2559273910-2877148563 | 7/8/2021 6:11:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 89C27A23-41FA-485E-B66B-8B9893CD7DAB--52F5E10E-A3A7-4BC9-82BD-DE61DD5F7E6E (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3402 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2140 | 936 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:11:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic A99F6427-1F3A-47CA-8C1C-DE34A9B6E4A8--0BBFE094-3108-4B31-A68B-9CBA51D83316 (Friendly Name: 4e49dc00-f74a-4c3a-ab23-cc65a6727cae). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3401 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2476 | 4896 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2845795367-1204428602-886971532-2833561257 | 7/8/2021 6:11:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A99F6427-1F3A-47CA-8C1C-DE34A9B6E4A8--0BBFE094-3108-4B31-A68B-9CBA51D83316 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3400 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2476 | 4896 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2845795367-1204428602-886971532-2833561257 | 7/8/2021 6:11:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A99F6427-1F3A-47CA-8C1C-DE34A9B6E4A8--0BBFE094-3108-4B31-A68B-9CBA51D83316 (Friendly Name: 4e49dc00-f74a-4c3a-ab23-cc65a6727cae) successfully connected to port 8C7F5B0D-A1B6-4C9F-B324-006BEE47BEC3 (Friendly Name: 4e49dc00-f74a-4c3a-ab23-cc65a6727cae) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3399 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2476 | 3756 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2845795367-1204428602-886971532-2833561257 | 7/8/2021 6:09:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic A99F6427-1F3A-47CA-8C1C-DE34A9B6E4A8--0BBFE094-3108-4B31-A68B-9CBA51D83316 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3398 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2476 | 3756 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:09:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic A7954E5D-A76B-412F-9F18-3DCAB1DDCC3B--F24620D9-2C7B-4280-A938-5CC091F83C64 (Friendly Name: 801b0fdf-dfdd-4aa9-a523-0dd075bee727). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3397 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 312 | 4444 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2811579997-1093642091-3393001631-1003281841 | 7/8/2021 6:08:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A7954E5D-A76B-412F-9F18-3DCAB1DDCC3B--F24620D9-2C7B-4280-A938-5CC091F83C64 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3396 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 312 | 4444 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2811579997-1093642091-3393001631-1003281841 | 7/8/2021 6:08:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A7954E5D-A76B-412F-9F18-3DCAB1DDCC3B--F24620D9-2C7B-4280-A938-5CC091F83C64 (Friendly Name: 801b0fdf-dfdd-4aa9-a523-0dd075bee727) successfully connected to port DC1A23FA-CF64-41EC-BAC6-060A7F0833EC (Friendly Name: 801b0fdf-dfdd-4aa9-a523-0dd075bee727) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3395 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 312 | 3592 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2811579997-1093642091-3393001631-1003281841 | 7/8/2021 6:07:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic A7954E5D-A76B-412F-9F18-3DCAB1DDCC3B--F24620D9-2C7B-4280-A938-5CC091F83C64 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3394 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 312 | 3592 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:07:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 9B0B1B92-390C-46B4-A673-D0DBC431A692--342C9A34-DC8E-461C-8765-01E19D7BE37D (Friendly Name: 90131eb5-1f4f-41b1-a100-580aa9a1f1be). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3393 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4764 | 2892 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2601196434-1186216204-3687871398-2460365252 | 7/8/2021 6:06:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9B0B1B92-390C-46B4-A673-D0DBC431A692--342C9A34-DC8E-461C-8765-01E19D7BE37D successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3392 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4764 | 2892 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2601196434-1186216204-3687871398-2460365252 | 7/8/2021 6:06:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-65-DE-66 has moved from port 2F73ED1B-B43B-48CB-A148-1CB87A69E753 (Friendly Name: 90131eb5-1f4f-41b1-a100-580aa9a1f1be) to port 2F73ED1B-B43B-48CB-A148-1CB87A69E753 (Friendly Name: 90131eb5-1f4f-41b1-a100-580aa9a1f1be). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3391 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2672 | 3888 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:06:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-65-DE-66 has moved from port 917234B9-BA2B-480B-A11D-D60107E6BE66 (Friendly Name: br-data_External) to port 2F73ED1B-B43B-48CB-A148-1CB87A69E753 (Friendly Name: 90131eb5-1f4f-41b1-a100-580aa9a1f1be). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3390 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2672 | 3940 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:06:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9B0B1B92-390C-46B4-A673-D0DBC431A692--342C9A34-DC8E-461C-8765-01E19D7BE37D (Friendly Name: 90131eb5-1f4f-41b1-a100-580aa9a1f1be) successfully connected to port 2F73ED1B-B43B-48CB-A148-1CB87A69E753 (Friendly Name: 90131eb5-1f4f-41b1-a100-580aa9a1f1be) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3389 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4764 | 836 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2601196434-1186216204-3687871398-2460365252 | 7/8/2021 6:06:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3388 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 140 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:06:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 9B0B1B92-390C-46B4-A673-D0DBC431A692--342C9A34-DC8E-461C-8765-01E19D7BE37D (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3387 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4764 | 3164 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:06:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3386 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 140 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:06:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3385 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 140 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:06:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3384 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 140 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:06:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 255E8C50-8A48-4ADF-8002-023286F2E300--56DC6595-85CA-4BA6-B064-AF7F94B3CA64 (Friendly Name: 8d98d6a2-76b9-4168-a5ba-bba731a59157). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3383 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4028 | 4372 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-626953296-1256163912-838992512-14938758 | 7/8/2021 6:04:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 255E8C50-8A48-4ADF-8002-023286F2E300--56DC6595-85CA-4BA6-B064-AF7F94B3CA64 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3382 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4028 | 4372 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-626953296-1256163912-838992512-14938758 | 7/8/2021 6:04:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 255E8C50-8A48-4ADF-8002-023286F2E300--56DC6595-85CA-4BA6-B064-AF7F94B3CA64 (Friendly Name: 8d98d6a2-76b9-4168-a5ba-bba731a59157) successfully connected to port 6B043D40-DD1D-4A42-8890-6EA6B812FEFD (Friendly Name: 8d98d6a2-76b9-4168-a5ba-bba731a59157) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3381 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4028 | 4372 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-626953296-1256163912-838992512-14938758 | 7/8/2021 6:03:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 255E8C50-8A48-4ADF-8002-023286F2E300--56DC6595-85CA-4BA6-B064-AF7F94B3CA64 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3380 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4028 | 4372 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:03:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic A770FD8E-8F2E-45E8-8254-ABDB09478EAB--57506D9B-819E-469C-8CD2-14662DDD4657 (Friendly Name: 9d3c2dff-0804-406f-a303-22b0f7ac6803). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3379 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3432 | 2964 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2809200014-1172868910-3685438594-2878228233 | 7/8/2021 6:03:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A770FD8E-8F2E-45E8-8254-ABDB09478EAB--57506D9B-819E-469C-8CD2-14662DDD4657 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3378 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3432 | 2964 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2809200014-1172868910-3685438594-2878228233 | 7/8/2021 6:03:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-EA-CC-88 has moved from port 1D02C0A7-33F9-44D5-B66E-8E42DBCAA438 (Friendly Name: 9d3c2dff-0804-406f-a303-22b0f7ac6803) to port 1D02C0A7-33F9-44D5-B66E-8E42DBCAA438 (Friendly Name: 9d3c2dff-0804-406f-a303-22b0f7ac6803). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3377 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2672 | 3888 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:03:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-EA-CC-88 has moved from port 917234B9-BA2B-480B-A11D-D60107E6BE66 (Friendly Name: br-data_External) to port 1D02C0A7-33F9-44D5-B66E-8E42DBCAA438 (Friendly Name: 9d3c2dff-0804-406f-a303-22b0f7ac6803). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3376 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2672 | 3888 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:03:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A770FD8E-8F2E-45E8-8254-ABDB09478EAB--57506D9B-819E-469C-8CD2-14662DDD4657 (Friendly Name: 9d3c2dff-0804-406f-a303-22b0f7ac6803) successfully connected to port 1D02C0A7-33F9-44D5-B66E-8E42DBCAA438 (Friendly Name: 9d3c2dff-0804-406f-a303-22b0f7ac6803) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3375 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3432 | 208 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2809200014-1172868910-3685438594-2878228233 | 7/8/2021 6:03:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic A770FD8E-8F2E-45E8-8254-ABDB09478EAB--57506D9B-819E-469C-8CD2-14662DDD4657 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3374 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3432 | 4696 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:03:42 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic DE12E5A3-01A3-4152-9BE9-D8656BC5FE1B--9DE07BC6-F0D3-45D7-8B77-974FD72BA2DE (Friendly Name: e75bf626-fa04-47ab-b3be-429f6f83b5ef). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3373 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 364 | 1820 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3725780387-1095893411-1708714395-469681515 | 7/8/2021 6:02:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC DE12E5A3-01A3-4152-9BE9-D8656BC5FE1B--9DE07BC6-F0D3-45D7-8B77-974FD72BA2DE successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3372 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 364 | 1820 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3725780387-1095893411-1708714395-469681515 | 7/8/2021 6:02:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC DE12E5A3-01A3-4152-9BE9-D8656BC5FE1B--9DE07BC6-F0D3-45D7-8B77-974FD72BA2DE (Friendly Name: e75bf626-fa04-47ab-b3be-429f6f83b5ef) successfully connected to port F7790288-77ED-4F03-837D-162EF17F9CC7 (Friendly Name: e75bf626-fa04-47ab-b3be-429f6f83b5ef) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3371 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 364 | 2176 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3725780387-1095893411-1708714395-469681515 | 7/8/2021 6:02:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic DE12E5A3-01A3-4152-9BE9-D8656BC5FE1B--9DE07BC6-F0D3-45D7-8B77-974FD72BA2DE (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3370 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 364 | 2176 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:02:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 8FFB9622-DA23-49CD-9A79-5906E06717A0--AEA8E6D3-B44E-406D-A66E-48B69AA6A7EA (Friendly Name: 8302211e-d5c2-4e2f-a26f-db1fb6423440). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3369 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 920 | 616 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2415629858-1238227491-106527130-2685888480 | 7/8/2021 6:02:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 8FFB9622-DA23-49CD-9A79-5906E06717A0--AEA8E6D3-B44E-406D-A66E-48B69AA6A7EA successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3368 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 920 | 616 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2415629858-1238227491-106527130-2685888480 | 7/8/2021 6:02:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 8FFB9622-DA23-49CD-9A79-5906E06717A0--AEA8E6D3-B44E-406D-A66E-48B69AA6A7EA (Friendly Name: 8302211e-d5c2-4e2f-a26f-db1fb6423440) successfully connected to port C8EB21A3-4555-409D-9E6F-A9373CD0AF62 (Friendly Name: 8302211e-d5c2-4e2f-a26f-db1fb6423440) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3367 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 920 | 900 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2415629858-1238227491-106527130-2685888480 | 7/8/2021 6:02:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 8FFB9622-DA23-49CD-9A79-5906E06717A0--AEA8E6D3-B44E-406D-A66E-48B69AA6A7EA (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3366 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 920 | 900 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:02:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3365 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:02:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 060AAA7C-D962-4EAE-AB99-4A4F929A939A--8ABE3E0D-5AE1-4C5D-BFE1-97E6FECD9080 (Friendly Name: b2d43f5c-c3b7-4d93-8d7a-770f49d3a295). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3364 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1264 | 3408 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-101362300-1320081762-1330289067-2593364626 | 7/8/2021 6:01:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 060AAA7C-D962-4EAE-AB99-4A4F929A939A--8ABE3E0D-5AE1-4C5D-BFE1-97E6FECD9080 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3363 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1264 | 3408 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-101362300-1320081762-1330289067-2593364626 | 7/8/2021 6:01:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3362 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 6:00:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3361 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:59:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 060AAA7C-D962-4EAE-AB99-4A4F929A939A--8ABE3E0D-5AE1-4C5D-BFE1-97E6FECD9080 (Friendly Name: b2d43f5c-c3b7-4d93-8d7a-770f49d3a295) successfully connected to port B1046F6A-CF0C-4633-A29D-308351D18935 (Friendly Name: b2d43f5c-c3b7-4d93-8d7a-770f49d3a295) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3360 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1264 | 1332 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-101362300-1320081762-1330289067-2593364626 | 7/8/2021 5:57:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 060AAA7C-D962-4EAE-AB99-4A4F929A939A--8ABE3E0D-5AE1-4C5D-BFE1-97E6FECD9080 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3359 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1264 | 1332 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:57:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3358 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 2068 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:57:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic B1EBA134-039D-45B6-A02F-9DE3A3962589--502CD382-129D-4A0F-A209-6E47B9712317 (Friendly Name: 30bf19aa-4ae2-4469-ae6d-00cb686ddd25). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3357 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4568 | 2976 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2985009460-1169556381-3818729376-2300941987 | 7/8/2021 5:56:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B1EBA134-039D-45B6-A02F-9DE3A3962589--502CD382-129D-4A0F-A209-6E47B9712317 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3356 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4568 | 2976 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2985009460-1169556381-3818729376-2300941987 | 7/8/2021 5:56:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3355 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 2696 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:56:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B1EBA134-039D-45B6-A02F-9DE3A3962589--502CD382-129D-4A0F-A209-6E47B9712317 (Friendly Name: 30bf19aa-4ae2-4469-ae6d-00cb686ddd25) successfully connected to port 604CB692-7C11-49E9-B1DF-F95F85B89F00 (Friendly Name: 30bf19aa-4ae2-4469-ae6d-00cb686ddd25) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3354 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4568 | 4492 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2985009460-1169556381-3818729376-2300941987 | 7/8/2021 5:54:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic B1EBA134-039D-45B6-A02F-9DE3A3962589--502CD382-129D-4A0F-A209-6E47B9712317 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3353 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4568 | 4492 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:54:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 4E0B02A4-6115-4FF7-A2A8-D624CD0A591C--E58F9281-8585-4402-803F-DEAA55AA799F (Friendly Name: 227a956c-73fa-45d3-97f6-75f9f4e0a8d8). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3352 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4608 | 4008 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1309344420-1341612309-618047650-475597517 | 7/8/2021 5:54:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4E0B02A4-6115-4FF7-A2A8-D624CD0A591C--E58F9281-8585-4402-803F-DEAA55AA799F successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3351 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4608 | 4008 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1309344420-1341612309-618047650-475597517 | 7/8/2021 5:54:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4E0B02A4-6115-4FF7-A2A8-D624CD0A591C--E58F9281-8585-4402-803F-DEAA55AA799F (Friendly Name: 227a956c-73fa-45d3-97f6-75f9f4e0a8d8) successfully connected to port A03646E1-8B8D-4B83-A04D-9616D9D96DDE (Friendly Name: 227a956c-73fa-45d3-97f6-75f9f4e0a8d8) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3350 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4608 | 4332 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1309344420-1341612309-618047650-475597517 | 7/8/2021 5:53:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 4E0B02A4-6115-4FF7-A2A8-D624CD0A591C--E58F9281-8585-4402-803F-DEAA55AA799F (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3349 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4608 | 4332 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:53:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic D895A45C-1D17-4BF4-AEB8-A5FBD8FEAE9F--A23C6753-EB56-4050-95B8-0E18B19FD5EA (Friendly Name: dedfb14f-34d5-40dd-b905-3da8e00bb0ac). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3348 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4596 | 4544 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3633685596-1274289431-4221941934-2679045848 | 7/8/2021 5:52:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC D895A45C-1D17-4BF4-AEB8-A5FBD8FEAE9F--A23C6753-EB56-4050-95B8-0E18B19FD5EA successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3347 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4596 | 4544 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3633685596-1274289431-4221941934-2679045848 | 7/8/2021 5:52:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC D895A45C-1D17-4BF4-AEB8-A5FBD8FEAE9F--A23C6753-EB56-4050-95B8-0E18B19FD5EA (Friendly Name: dedfb14f-34d5-40dd-b905-3da8e00bb0ac) successfully connected to port 848864D5-9127-4752-9D18-B5DED1F0BC10 (Friendly Name: dedfb14f-34d5-40dd-b905-3da8e00bb0ac) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3346 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4596 | 1584 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3633685596-1274289431-4221941934-2679045848 | 7/8/2021 5:52:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic D895A45C-1D17-4BF4-AEB8-A5FBD8FEAE9F--A23C6753-EB56-4050-95B8-0E18B19FD5EA (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3345 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4596 | 1584 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:52:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic FA56660E-A7D7-433E-9158-1EE588C61702--4D168BE1-F7C3-42A6-B86A-A903EEB31213 (Friendly Name: 84202950-004b-4aae-99d3-27507d5fd1dc). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3344 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3332 | 3608 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-4199966222-1128179671-3843971217-35112584 | 7/8/2021 5:51:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC FA56660E-A7D7-433E-9158-1EE588C61702--4D168BE1-F7C3-42A6-B86A-A903EEB31213 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3343 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3332 | 3608 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-4199966222-1128179671-3843971217-35112584 | 7/8/2021 5:51:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC FA56660E-A7D7-433E-9158-1EE588C61702--4D168BE1-F7C3-42A6-B86A-A903EEB31213 (Friendly Name: 84202950-004b-4aae-99d3-27507d5fd1dc) successfully connected to port AFD09BE8-1E48-4651-93F1-81ABA14CD665 (Friendly Name: 84202950-004b-4aae-99d3-27507d5fd1dc) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3342 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3332 | 3460 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-4199966222-1128179671-3843971217-35112584 | 7/8/2021 5:51:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic FA56660E-A7D7-433E-9158-1EE588C61702--4D168BE1-F7C3-42A6-B86A-A903EEB31213 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3341 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3332 | 3460 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:51:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 4503C72F-B007-4BBC-8810-9AE3D786D079--26ED876D-0C86-4837-9CF1-1E24E4751E97 (Friendly Name: 85764380-a7af-4265-9d8f-f30660a8d59f). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3340 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3812 | 736 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1157875503-1270657031-3818524808-2043709143 | 7/8/2021 5:51:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4503C72F-B007-4BBC-8810-9AE3D786D079--26ED876D-0C86-4837-9CF1-1E24E4751E97 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3339 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3812 | 736 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1157875503-1270657031-3818524808-2043709143 | 7/8/2021 5:51:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4503C72F-B007-4BBC-8810-9AE3D786D079--26ED876D-0C86-4837-9CF1-1E24E4751E97 (Friendly Name: 85764380-a7af-4265-9d8f-f30660a8d59f) successfully connected to port B7A4D57C-6D68-41B5-9D13-A7ECE1F05EDF (Friendly Name: 85764380-a7af-4265-9d8f-f30660a8d59f) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3338 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3812 | 836 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1157875503-1270657031-3818524808-2043709143 | 7/8/2021 5:50:31 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 4503C72F-B007-4BBC-8810-9AE3D786D079--26ED876D-0C86-4837-9CF1-1E24E4751E97 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3337 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3812 | 836 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:50:31 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3336 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 3860 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:50:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Storage Spaces SMP service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3335 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 3860 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:50:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3334 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 3860 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:50:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3333 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 3860 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:49:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic System Host service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3332 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 2068 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:48:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic C57CDC91-B357-46C6-B4E2-B389961E67FB--10EF6964-D019-4E0F-8E2C-A9E3FECF2BA4 (Friendly Name: 8d41a31d-5c4b-4729-9c6e-b8080446562c). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3331 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4124 | 2264 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3313294481-1187427159-2310267572-4217839254 | 7/8/2021 5:47:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC C57CDC91-B357-46C6-B4E2-B389961E67FB--10EF6964-D019-4E0F-8E2C-A9E3FECF2BA4 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3330 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4124 | 2264 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3313294481-1187427159-2310267572-4217839254 | 7/8/2021 5:47:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC C57CDC91-B357-46C6-B4E2-B389961E67FB--10EF6964-D019-4E0F-8E2C-A9E3FECF2BA4 (Friendly Name: 8d41a31d-5c4b-4729-9c6e-b8080446562c) successfully connected to port A6881194-2D74-4F3F-9A8F-61913E0AB0A5 (Friendly Name: 8d41a31d-5c4b-4729-9c6e-b8080446562c) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3329 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4124 | 888 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3313294481-1187427159-2310267572-4217839254 | 7/8/2021 5:47:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic C57CDC91-B357-46C6-B4E2-B389961E67FB--10EF6964-D019-4E0F-8E2C-A9E3FECF2BA4 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3328 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4124 | 888 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:47:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 7ACFE049-D347-4ADB-ACC2-319D31A7864A--DDD3EB85-30E7-4BDB-8833-D0F09EF9C118 (Friendly Name: c628e10e-fe62-47d5-a945-57a39bd4fc93). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3327 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4372 | 4840 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2060443721-1255920455-2637284012-1250338609 | 7/8/2021 5:46:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7ACFE049-D347-4ADB-ACC2-319D31A7864A--DDD3EB85-30E7-4BDB-8833-D0F09EF9C118 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3326 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4372 | 4840 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2060443721-1255920455-2637284012-1250338609 | 7/8/2021 5:46:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-48-CB-A6 has moved from port 78FE906B-BD90-4706-A669-9994E17804BC (Friendly Name: c628e10e-fe62-47d5-a945-57a39bd4fc93) to port 78FE906B-BD90-4706-A669-9994E17804BC (Friendly Name: c628e10e-fe62-47d5-a945-57a39bd4fc93). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3325 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2672 | 3956 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:46:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7ACFE049-D347-4ADB-ACC2-319D31A7864A--DDD3EB85-30E7-4BDB-8833-D0F09EF9C118 (Friendly Name: c628e10e-fe62-47d5-a945-57a39bd4fc93) successfully connected to port 78FE906B-BD90-4706-A669-9994E17804BC (Friendly Name: c628e10e-fe62-47d5-a945-57a39bd4fc93) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3324 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4372 | 92 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2060443721-1255920455-2637284012-1250338609 | 7/8/2021 5:46:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 7ACFE049-D347-4ADB-ACC2-319D31A7864A--DDD3EB85-30E7-4BDB-8833-D0F09EF9C118 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3323 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4372 | 1060 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:46:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic D7C72CD0-AB5A-47AF-9D27-0405F54498DA--D83E6047-0A4E-4A20-9E33-5A1E95FF9A36 (Friendly Name: c628e10e-fe62-47d5-a945-57a39bd4fc93). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3322 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2944 | 2164 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3620154576-1202695002-84158365-3667412213 | 7/8/2021 5:46:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC D7C72CD0-AB5A-47AF-9D27-0405F54498DA--D83E6047-0A4E-4A20-9E33-5A1E95FF9A36 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3321 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2944 | 2164 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3620154576-1202695002-84158365-3667412213 | 7/8/2021 5:46:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC D7C72CD0-AB5A-47AF-9D27-0405F54498DA--D83E6047-0A4E-4A20-9E33-5A1E95FF9A36 (Friendly Name: c628e10e-fe62-47d5-a945-57a39bd4fc93) successfully connected to port CCD27BBF-09BC-4342-BA42-5452C22F71AC (Friendly Name: c628e10e-fe62-47d5-a945-57a39bd4fc93) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3320 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2944 | 1152 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3620154576-1202695002-84158365-3667412213 | 7/8/2021 5:45:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic D7C72CD0-AB5A-47AF-9D27-0405F54498DA--D83E6047-0A4E-4A20-9E33-5A1E95FF9A36 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3319 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2944 | 1152 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:45:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 3A5F0C26-BEB6-44CA-A5B9-064EC6F2153F--613CBA08-92D6-471B-99DD-5F7B95FE7579 (Friendly Name: 05826629-2dfa-4408-9b40-7b4b62d73435). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3318 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2120 | 4260 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-979307558-1154137782-1309063589-1058403014 | 7/8/2021 5:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 3A5F0C26-BEB6-44CA-A5B9-064EC6F2153F--613CBA08-92D6-471B-99DD-5F7B95FE7579 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3317 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2120 | 4260 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-979307558-1154137782-1309063589-1058403014 | 7/8/2021 5:44:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 3A5F0C26-BEB6-44CA-A5B9-064EC6F2153F--613CBA08-92D6-471B-99DD-5F7B95FE7579 (Friendly Name: 05826629-2dfa-4408-9b40-7b4b62d73435) successfully connected to port 2C61AABA-9C58-4C91-893D-9306D4353EAA (Friendly Name: 05826629-2dfa-4408-9b40-7b4b62d73435) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3316 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2120 | 4988 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-979307558-1154137782-1309063589-1058403014 | 7/8/2021 5:43:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 3A5F0C26-BEB6-44CA-A5B9-064EC6F2153F--613CBA08-92D6-471B-99DD-5F7B95FE7579 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3315 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2120 | 4988 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:43:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic EBC66E1B-3E22-4289-B84C-72BA974EDA62--7D29A7EC-EE91-4E74-9E47-34BE23754194 (Friendly Name: 230bf5ea-c469-4c29-84f5-a404905352bd). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3314 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4348 | 4568 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3955650075-1116290594-3128052920-1658474135 | 7/8/2021 5:42:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC EBC66E1B-3E22-4289-B84C-72BA974EDA62--7D29A7EC-EE91-4E74-9E47-34BE23754194 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3313 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4348 | 4568 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3955650075-1116290594-3128052920-1658474135 | 7/8/2021 5:42:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-43-05-A4 has moved from port 917234B9-BA2B-480B-A11D-D60107E6BE66 (Friendly Name: br-data_External) to port 2EDB31A6-82B9-43FE-B25F-CCCD992B37A9 (Friendly Name: 230bf5ea-c469-4c29-84f5-a404905352bd). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3312 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2672 | 4156 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:42:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC EBC66E1B-3E22-4289-B84C-72BA974EDA62--7D29A7EC-EE91-4E74-9E47-34BE23754194 (Friendly Name: 230bf5ea-c469-4c29-84f5-a404905352bd) successfully connected to port 2EDB31A6-82B9-43FE-B25F-CCCD992B37A9 (Friendly Name: 230bf5ea-c469-4c29-84f5-a404905352bd) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3311 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4348 | 4376 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3955650075-1116290594-3128052920-1658474135 | 7/8/2021 5:42:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic EBC66E1B-3E22-4289-B84C-72BA974EDA62--7D29A7EC-EE91-4E74-9E47-34BE23754194 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3310 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4348 | 4132 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:42:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 5A4194D6-6FE0-4C5A-A15D-2F53DC0BAB0A--E3C80572-C860-4031-ACBA-A2EFD7762D02 (Friendly Name: ad845050-c6b3-45db-8f81-575c5dd9a8ad). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3309 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1384 | 4008 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1514247382-1280995296-1395613089-178981852 | 7/8/2021 5:42:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 5A4194D6-6FE0-4C5A-A15D-2F53DC0BAB0A--E3C80572-C860-4031-ACBA-A2EFD7762D02 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3308 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1384 | 4008 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1514247382-1280995296-1395613089-178981852 | 7/8/2021 5:42:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 5A4194D6-6FE0-4C5A-A15D-2F53DC0BAB0A--E3C80572-C860-4031-ACBA-A2EFD7762D02 (Friendly Name: ad845050-c6b3-45db-8f81-575c5dd9a8ad) successfully connected to port 15E69744-6CA9-40B8-AE98-ADC9BE434652 (Friendly Name: ad845050-c6b3-45db-8f81-575c5dd9a8ad) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3307 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1384 | 4008 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1514247382-1280995296-1395613089-178981852 | 7/8/2021 5:42:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 5A4194D6-6FE0-4C5A-A15D-2F53DC0BAB0A--E3C80572-C860-4031-ACBA-A2EFD7762D02 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3306 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1384 | 4008 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:42:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 5A4194D6-6FE0-4C5A-A15D-2F53DC0BAB0A--E3C80572-C860-4031-ACBA-A2EFD7762D02 (Friendly Name: ad845050-c6b3-45db-8f81-575c5dd9a8ad). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3305 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1180 | 4912 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1514247382-1280995296-1395613089-178981852 | 7/8/2021 5:42:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 5A4194D6-6FE0-4C5A-A15D-2F53DC0BAB0A--E3C80572-C860-4031-ACBA-A2EFD7762D02 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3304 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1180 | 4912 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1514247382-1280995296-1395613089-178981852 | 7/8/2021 5:42:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 5A4194D6-6FE0-4C5A-A15D-2F53DC0BAB0A--E3C80572-C860-4031-ACBA-A2EFD7762D02 (Friendly Name: ad845050-c6b3-45db-8f81-575c5dd9a8ad) successfully connected to port 15E69744-6CA9-40B8-AE98-ADC9BE434652 (Friendly Name: ad845050-c6b3-45db-8f81-575c5dd9a8ad) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3303 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1180 | 4792 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1514247382-1280995296-1395613089-178981852 | 7/8/2021 5:41:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 5A4194D6-6FE0-4C5A-A15D-2F53DC0BAB0A--E3C80572-C860-4031-ACBA-A2EFD7762D02 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3302 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1180 | 4792 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:41:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 4B9B3130-AA3F-4CCF-AD1B-0C001476374A--B27BCCD0-132B-4128-983C-A2606F14958C (Friendly Name: 7e5c8b07-1b9a-442b-89c3-9c8542dafc54). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3301 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4820 | 3176 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1268461872-1288677951-793517-1245148692 | 7/8/2021 5:41:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4B9B3130-AA3F-4CCF-AD1B-0C001476374A--B27BCCD0-132B-4128-983C-A2606F14958C successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3300 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4820 | 3176 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1268461872-1288677951-793517-1245148692 | 7/8/2021 5:41:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic A52588FC-EAF9-4EF9-B51F-FDD80821D5AB--83454B44-F5A1-436D-A622-641297F98CA4 (Friendly Name: ca8d03ef-6f8f-441c-b200-00287db8ebdf). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3299 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4996 | 4764 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2770700540-1325001465-3640467381-2882871560 | 7/8/2021 5:41:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A52588FC-EAF9-4EF9-B51F-FDD80821D5AB--83454B44-F5A1-436D-A622-641297F98CA4 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3298 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4996 | 4764 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2770700540-1325001465-3640467381-2882871560 | 7/8/2021 5:41:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A52588FC-EAF9-4EF9-B51F-FDD80821D5AB--83454B44-F5A1-436D-A622-641297F98CA4 (Friendly Name: ca8d03ef-6f8f-441c-b200-00287db8ebdf) successfully connected to port 04C5ABC8-0B66-433E-B5F4-65816550EF3A (Friendly Name: ca8d03ef-6f8f-441c-b200-00287db8ebdf) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3297 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4996 | 4764 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2770700540-1325001465-3640467381-2882871560 | 7/8/2021 5:40:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic A52588FC-EAF9-4EF9-B51F-FDD80821D5AB--83454B44-F5A1-436D-A622-641297F98CA4 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3296 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4996 | 4764 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:40:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-22-AE-11 has moved from port 3AADC0B7-B0AC-422A-B6B2-0D71AE84F548 (Friendly Name: 7e5c8b07-1b9a-442b-89c3-9c8542dafc54) to port 3AADC0B7-B0AC-422A-B6B2-0D71AE84F548 (Friendly Name: 7e5c8b07-1b9a-442b-89c3-9c8542dafc54). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3295 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2672 | 3940 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:40:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-22-AE-11 has moved from port 917234B9-BA2B-480B-A11D-D60107E6BE66 (Friendly Name: br-data_External) to port 3AADC0B7-B0AC-422A-B6B2-0D71AE84F548 (Friendly Name: 7e5c8b07-1b9a-442b-89c3-9c8542dafc54). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3294 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2672 | 3672 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:40:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 4B9B3130-AA3F-4CCF-AD1B-0C001476374A--B27BCCD0-132B-4128-983C-A2606F14958C (Friendly Name: 7e5c8b07-1b9a-442b-89c3-9c8542dafc54) successfully connected to port 3AADC0B7-B0AC-422A-B6B2-0D71AE84F548 (Friendly Name: 7e5c8b07-1b9a-442b-89c3-9c8542dafc54) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3293 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4820 | 2924 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1268461872-1288677951-793517-1245148692 | 7/8/2021 5:40:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 4B9B3130-AA3F-4CCF-AD1B-0C001476374A--B27BCCD0-132B-4128-983C-A2606F14958C (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3292 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4820 | 3176 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:40:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3291 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 2696 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:40:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3290 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 2388 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:36:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3289 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 2388 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:36:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Storage Spaces SMP service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3288 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:32:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3287 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1288 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:24:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3286 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1288 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:22:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 02164707-EFED-4F6A-8056-13EB9BD194F4--CD706BBA-61D9-4D83-B6F4-3CAC2B0526F1 (Friendly Name: 5fdfd7fd-15d6-47fd-8841-44f9042f9e23). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3285 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4356 | 2684 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-35014407-1332408301-3943913088-4103393691 | 7/8/2021 5:21:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 02164707-EFED-4F6A-8056-13EB9BD194F4--CD706BBA-61D9-4D83-B6F4-3CAC2B0526F1 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3284 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4356 | 2684 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-35014407-1332408301-3943913088-4103393691 | 7/8/2021 5:21:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic D7064C70-E2A6-4D88-958F-ACDFF1666C21--C80AC5B6-C950-458F-9B95-5371DDB9E38E (Friendly Name: bf62b21d-a5e2-4ca7-aa33-d2f055196c74). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3283 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3764 | 1068 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3607514224-1300816550-3752628117-560752369 | 7/8/2021 5:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC D7064C70-E2A6-4D88-958F-ACDFF1666C21--C80AC5B6-C950-458F-9B95-5371DDB9E38E successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3282 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3764 | 1068 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3607514224-1300816550-3752628117-560752369 | 7/8/2021 5:21:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-EA-17-96 has moved from port 3593DCC2-44F0-47CD-BC83-E6A18603AF3C (Friendly Name: bf62b21d-a5e2-4ca7-aa33-d2f055196c74) to port 3593DCC2-44F0-47CD-BC83-E6A18603AF3C (Friendly Name: bf62b21d-a5e2-4ca7-aa33-d2f055196c74). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3281 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2672 | 3940 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:21:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC D7064C70-E2A6-4D88-958F-ACDFF1666C21--C80AC5B6-C950-458F-9B95-5371DDB9E38E (Friendly Name: bf62b21d-a5e2-4ca7-aa33-d2f055196c74) successfully connected to port 3593DCC2-44F0-47CD-BC83-E6A18603AF3C (Friendly Name: bf62b21d-a5e2-4ca7-aa33-d2f055196c74) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3280 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3764 | 4876 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3607514224-1300816550-3752628117-560752369 | 7/8/2021 5:21:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3279 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:21:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic D7064C70-E2A6-4D88-958F-ACDFF1666C21--C80AC5B6-C950-458F-9B95-5371DDB9E38E (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3278 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3764 | 4876 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:21:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3277 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:19:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3276 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1288 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:18:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 861A2E0F-D4A9-460D-A962-ECC66ABD4FF0--4CA402A1-F83F-4C97-B8E2-D187F561C0B4 (Friendly Name: ce9dab13-ec9f-4327-a07c-3586a33f82c2). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3275 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4520 | 1868 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2249862671-1175311529-3337380521-4031757674 | 7/8/2021 5:17:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 861A2E0F-D4A9-460D-A962-ECC66ABD4FF0--4CA402A1-F83F-4C97-B8E2-D187F561C0B4 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3274 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4520 | 1868 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2249862671-1175311529-3337380521-4031757674 | 7/8/2021 5:17:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic CA29DDC1-527E-46DC-83E1-A3798BE5AC4B--CCC2FDE9-9CE0-427A-827B-6EB768B775D2 (Friendly Name: eeebff40-b3f4-490b-8edd-fdef0cf97442). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3273 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4280 | 3196 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3391741377-1188844158-2040783235-1269622155 | 7/8/2021 5:17:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC CA29DDC1-527E-46DC-83E1-A3798BE5AC4B--CCC2FDE9-9CE0-427A-827B-6EB768B775D2 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3272 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4280 | 3196 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3391741377-1188844158-2040783235-1269622155 | 7/8/2021 5:17:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 6AC05470-2A46-44A0-A343-FA3A2A122D17--8EECA0D3-9889-4C2F-AB88-DA90427A7C95 (Friendly Name: 082ed4f6-77d9-4bbb-a2bb-981af62dec89). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3271 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4948 | 3648 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1790989424-1151347270-989479843-388829738 | 7/8/2021 5:17:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 6AC05470-2A46-44A0-A343-FA3A2A122D17--8EECA0D3-9889-4C2F-AB88-DA90427A7C95 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3270 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4948 | 3648 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1790989424-1151347270-989479843-388829738 | 7/8/2021 5:17:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-91-64-C0 has moved from port 6802E2AC-16D4-4011-9706-4AE3A63F3D44 (Friendly Name: 5fdfd7fd-15d6-47fd-8841-44f9042f9e23) to port 6802E2AC-16D4-4011-9706-4AE3A63F3D44 (Friendly Name: 5fdfd7fd-15d6-47fd-8841-44f9042f9e23). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3269 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2672 | 4176 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:17:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 02164707-EFED-4F6A-8056-13EB9BD194F4--CD706BBA-61D9-4D83-B6F4-3CAC2B0526F1 (Friendly Name: 5fdfd7fd-15d6-47fd-8841-44f9042f9e23) successfully connected to port 6802E2AC-16D4-4011-9706-4AE3A63F3D44 (Friendly Name: 5fdfd7fd-15d6-47fd-8841-44f9042f9e23) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3268 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4356 | 2480 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-35014407-1332408301-3943913088-4103393691 | 7/8/2021 5:17:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 02164707-EFED-4F6A-8056-13EB9BD194F4--CD706BBA-61D9-4D83-B6F4-3CAC2B0526F1 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3267 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4356 | 5092 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:17:31 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3266 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1288 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:17:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 2A8E251A-0403-4BB0-96B0-B9E2D0796B0D--693818DA-63BF-4C8C-92E1-B2694DB33315 (Friendly Name: 20c93683-9205-42a1-9b4f-89dffd43553d). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3265 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2892 | 3140 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-713958682-1269826563-3803820182-225147344 | 7/8/2021 5:17:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 2A8E251A-0403-4BB0-96B0-B9E2D0796B0D--693818DA-63BF-4C8C-92E1-B2694DB33315 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3264 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2892 | 3140 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-713958682-1269826563-3803820182-225147344 | 7/8/2021 5:17:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Microsoft Windows Server has detected that NTLM authentication is presently being used between clients and this server. This event occurs once per boot of the server on the first time a client uses NTLM with this server.
NTLM is a weaker authentication mechanism. Please check:
Which applications are using NTLM authentication?
Are there configuration issues preventing the use of stronger authentication such as Kerberos authentication?
If NTLM must be supported, is Extended Protection configured?
Details on how to complete these checks can be found at http://go.microsoft.com/fwlink/?LinkId=225699. | 6038 | 0 | 0 | 3 | 0 | 0 | 36028797018963968 | 3263 | LsaSrv | 199fe037-2b82-40a9-82ac-e1d46c792b99 | System | 0 | 0 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:17:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 2A8E251A-0403-4BB0-96B0-B9E2D0796B0D--693818DA-63BF-4C8C-92E1-B2694DB33315 (Friendly Name: 20c93683-9205-42a1-9b4f-89dffd43553d) successfully connected to port 58ABC8A9-0885-4346-809A-DC61A572F00A (Friendly Name: 20c93683-9205-42a1-9b4f-89dffd43553d) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3262 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2892 | 3140 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-713958682-1269826563-3803820182-225147344 | 7/8/2021 5:17:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 2A8E251A-0403-4BB0-96B0-B9E2D0796B0D--693818DA-63BF-4C8C-92E1-B2694DB33315 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3261 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2892 | 3140 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:17:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 861A2E0F-D4A9-460D-A962-ECC66ABD4FF0--4CA402A1-F83F-4C97-B8E2-D187F561C0B4 (Friendly Name: ce9dab13-ec9f-4327-a07c-3586a33f82c2) successfully connected to port 82D092E2-94BA-4630-B4A4-ED1D2562AF4F (Friendly Name: ce9dab13-ec9f-4327-a07c-3586a33f82c2) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3260 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4520 | 1868 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2249862671-1175311529-3337380521-4031757674 | 7/8/2021 5:17:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 861A2E0F-D4A9-460D-A962-ECC66ABD4FF0--4CA402A1-F83F-4C97-B8E2-D187F561C0B4 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3259 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4520 | 1868 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:17:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 58D16B88-3404-439F-9D7C-3C4E86D0374C--D063CCE9-4BBF-432D-98EB-5F8141823D4C (Friendly Name: 938a680b-6005-4294-bc15-ac22ce63be59). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3258 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4820 | 4892 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1490119560-1134507012-1312586909-1278726278 | 7/8/2021 5:17:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 58D16B88-3404-439F-9D7C-3C4E86D0374C--D063CCE9-4BBF-432D-98EB-5F8141823D4C successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3257 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4820 | 4892 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1490119560-1134507012-1312586909-1278726278 | 7/8/2021 5:17:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic EF605963-7830-4975-903C-6E0D13EDA296--3CDB39C0-96CD-4D73-86EF-DD73B8B80075 (Friendly Name: 3264fae5-374f-40ca-92fe-1617fc5acee6). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3256 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2848 | 4416 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-4016068963-1232435248-225328272-2527259923 | 7/8/2021 5:17:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC EF605963-7830-4975-903C-6E0D13EDA296--3CDB39C0-96CD-4D73-86EF-DD73B8B80075 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3255 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2848 | 4416 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-4016068963-1232435248-225328272-2527259923 | 7/8/2021 5:17:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC EF605963-7830-4975-903C-6E0D13EDA296--3CDB39C0-96CD-4D73-86EF-DD73B8B80075 (Friendly Name: 3264fae5-374f-40ca-92fe-1617fc5acee6) successfully connected to port 9A87D414-C1C8-4290-97EA-67B2E16ACA49 (Friendly Name: 3264fae5-374f-40ca-92fe-1617fc5acee6) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3254 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2848 | 4416 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-4016068963-1232435248-225328272-2527259923 | 7/8/2021 5:16:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic EF605963-7830-4975-903C-6E0D13EDA296--3CDB39C0-96CD-4D73-86EF-DD73B8B80075 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3253 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2848 | 4416 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:16:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 58D16B88-3404-439F-9D7C-3C4E86D0374C--D063CCE9-4BBF-432D-98EB-5F8141823D4C (Friendly Name: 938a680b-6005-4294-bc15-ac22ce63be59) successfully connected to port E88BB38E-77BB-428F-83B5-70E1325D041A (Friendly Name: 938a680b-6005-4294-bc15-ac22ce63be59) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3252 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4820 | 4108 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1490119560-1134507012-1312586909-1278726278 | 7/8/2021 5:16:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 58D16B88-3404-439F-9D7C-3C4E86D0374C--D063CCE9-4BBF-432D-98EB-5F8141823D4C (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3251 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4820 | 4108 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:16:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic FDB6336F-4C11-4D91-8E9A-BD7477EB6B58--89C7EB44-0DB0-4C00-92DB-B4A03F813E5C (Friendly Name: 84e2bcc4-bc7b-418c-bf36-479295308806). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3250 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4988 | 3884 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-4256576367-1301367825-1958582926-1483467639 | 7/8/2021 5:16:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC FDB6336F-4C11-4D91-8E9A-BD7477EB6B58--89C7EB44-0DB0-4C00-92DB-B4A03F813E5C successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3249 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4988 | 3884 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-4256576367-1301367825-1958582926-1483467639 | 7/8/2021 5:16:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC FDB6336F-4C11-4D91-8E9A-BD7477EB6B58--89C7EB44-0DB0-4C00-92DB-B4A03F813E5C (Friendly Name: 84e2bcc4-bc7b-418c-bf36-479295308806) successfully connected to port 8FF92793-7CE9-4C06-99CB-9E306DB8F24E (Friendly Name: 84e2bcc4-bc7b-418c-bf36-479295308806) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3248 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4988 | 2888 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-4256576367-1301367825-1958582926-1483467639 | 7/8/2021 5:16:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic FDB6336F-4C11-4D91-8E9A-BD7477EB6B58--89C7EB44-0DB0-4C00-92DB-B4A03F813E5C (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3247 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4988 | 2888 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:16:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Registry service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3246 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 908 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:16:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic B18C2019-45FF-4E76-96CB-057180F5946B--4B0005B9-F95B-4654-AE45-CB8EC70D4673 (Friendly Name: a1be0a4e-b6cb-4c31-b54a-137c143d4a7c). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3245 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2872 | 4996 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2978750489-1316374015-1896205206-1804924288 | 7/8/2021 5:15:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B18C2019-45FF-4E76-96CB-057180F5946B--4B0005B9-F95B-4654-AE45-CB8EC70D4673 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3244 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2872 | 4996 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2978750489-1316374015-1896205206-1804924288 | 7/8/2021 5:15:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 699AD210-9329-443A-B3EA-51E050B43634--50C98E42-9318-4712-9E4E-893843273444 (Friendly Name: 5cf68c9b-f7fa-4a17-81fa-80c9f9267be1). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3243 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4492 | 2412 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1771754000-1144689449-3763464883-876000336 | 7/8/2021 5:15:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 699AD210-9329-443A-B3EA-51E050B43634--50C98E42-9318-4712-9E4E-893843273444 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3242 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4492 | 2412 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1771754000-1144689449-3763464883-876000336 | 7/8/2021 5:15:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 6AC05470-2A46-44A0-A343-FA3A2A122D17--8EECA0D3-9889-4C2F-AB88-DA90427A7C95 (Friendly Name: 082ed4f6-77d9-4bbb-a2bb-981af62dec89) successfully connected to port D4A9CA1A-F16B-4A5B-8139-BCC1FCC995EA (Friendly Name: 082ed4f6-77d9-4bbb-a2bb-981af62dec89) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3241 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4948 | 4940 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1790989424-1151347270-989479843-388829738 | 7/8/2021 5:15:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 6AC05470-2A46-44A0-A343-FA3A2A122D17--8EECA0D3-9889-4C2F-AB88-DA90427A7C95 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3240 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4948 | 4940 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:15:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC CA29DDC1-527E-46DC-83E1-A3798BE5AC4B--CCC2FDE9-9CE0-427A-827B-6EB768B775D2 (Friendly Name: eeebff40-b3f4-490b-8edd-fdef0cf97442) successfully connected to port 4F0CF675-B77B-477E-B322-1428B8299270 (Friendly Name: eeebff40-b3f4-490b-8edd-fdef0cf97442) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3239 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4280 | 1000 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3391741377-1188844158-2040783235-1269622155 | 7/8/2021 5:15:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic CA29DDC1-527E-46DC-83E1-A3798BE5AC4B--CCC2FDE9-9CE0-427A-827B-6EB768B775D2 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3238 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4280 | 1000 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:15:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic A1246481-E6A1-4C23-B08D-07837808952D--5337B938-37E9-416B-8DD1-52B86BDB8B7E (Friendly Name: 1f0791de-3a15-41d5-b9a8-a1666825f45d). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3237 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 140 | 4436 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2703516801-1277421217-2198310320-764741752 | 7/8/2021 5:15:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A1246481-E6A1-4C23-B08D-07837808952D--5337B938-37E9-416B-8DD1-52B86BDB8B7E successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3236 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 140 | 4436 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2703516801-1277421217-2198310320-764741752 | 7/8/2021 5:15:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 96DC4DB2-6702-42E6-9367-CD6A32AED260--14BEEEB7-D0C6-4721-9E26-1369EF952F7A (Friendly Name: e5ecd455-eb58-4651-bbe0-ff1ca7b399c6). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3235 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4452 | 1192 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2531020210-1122395906-1791846291-1624419890 | 7/8/2021 5:15:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 96DC4DB2-6702-42E6-9367-CD6A32AED260--14BEEEB7-D0C6-4721-9E26-1369EF952F7A successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3234 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4452 | 1192 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2531020210-1122395906-1791846291-1624419890 | 7/8/2021 5:15:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Windows Modules Installer service was changed from auto start to demand start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3233 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:15:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Windows Modules Installer service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3232 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:15:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC A1246481-E6A1-4C23-B08D-07837808952D--5337B938-37E9-416B-8DD1-52B86BDB8B7E (Friendly Name: 1f0791de-3a15-41d5-b9a8-a1666825f45d) successfully connected to port DE50164C-7524-4F02-83EF-2DCD8E245968 (Friendly Name: 1f0791de-3a15-41d5-b9a8-a1666825f45d) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3231 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 140 | 4412 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2703516801-1277421217-2198310320-764741752 | 7/8/2021 5:15:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic A1246481-E6A1-4C23-B08D-07837808952D--5337B938-37E9-416B-8DD1-52B86BDB8B7E (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3230 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 140 | 4412 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:15:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 9EECDFA5-5F76-4544-AD95-D059B2A6C22C--0FE4B4FD-9983-4362-9866-D41E61B5D800 (Friendly Name: 54aeaab6-e985-446a-9d13-e615e388a448). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3229 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 88 | 2688 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2666323877-1162108790-1506842029-750954162 | 7/8/2021 5:15:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9EECDFA5-5F76-4544-AD95-D059B2A6C22C--0FE4B4FD-9983-4362-9866-D41E61B5D800 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3228 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 88 | 2688 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2666323877-1162108790-1506842029-750954162 | 7/8/2021 5:15:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3227 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:15:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 02AB5D9C-C415-487E-9F16-A83A3EA10B3E--487931E3-2870-40D0-A119-815C5338E793 (Friendly Name: 45f65206-6d53-4819-a3d5-a56789e623a2). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3226 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3956 | 4348 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-44785052-1216267285-984094367-1040949566 | 7/8/2021 5:15:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 02AB5D9C-C415-487E-9F16-A83A3EA10B3E--487931E3-2870-40D0-A119-815C5338E793 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3225 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3956 | 4348 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-44785052-1216267285-984094367-1040949566 | 7/8/2021 5:15:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3224 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:15:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9EECDFA5-5F76-4544-AD95-D059B2A6C22C--0FE4B4FD-9983-4362-9866-D41E61B5D800 (Friendly Name: 54aeaab6-e985-446a-9d13-e615e388a448) successfully connected to port AEC137DD-7BBE-4213-A8E1-96361B58E30C (Friendly Name: 54aeaab6-e985-446a-9d13-e615e388a448) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3223 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 88 | 2688 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2666323877-1162108790-1506842029-750954162 | 7/8/2021 5:15:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 9EECDFA5-5F76-4544-AD95-D059B2A6C22C--0FE4B4FD-9983-4362-9866-D41E61B5D800 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3222 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 88 | 2688 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:15:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 9EECDFA5-5F76-4544-AD95-D059B2A6C22C--0FE4B4FD-9983-4362-9866-D41E61B5D800 (Friendly Name: 54aeaab6-e985-446a-9d13-e615e388a448). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3221 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 88 | 2688 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2666323877-1162108790-1506842029-750954162 | 7/8/2021 5:15:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9EECDFA5-5F76-4544-AD95-D059B2A6C22C--0FE4B4FD-9983-4362-9866-D41E61B5D800 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3220 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 88 | 2688 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2666323877-1162108790-1506842029-750954162 | 7/8/2021 5:15:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 96DC4DB2-6702-42E6-9367-CD6A32AED260--14BEEEB7-D0C6-4721-9E26-1369EF952F7A (Friendly Name: e5ecd455-eb58-4651-bbe0-ff1ca7b399c6) successfully connected to port 391CE938-0DED-4E22-A987-36959141CFCD (Friendly Name: e5ecd455-eb58-4651-bbe0-ff1ca7b399c6) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3219 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4452 | 1192 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2531020210-1122395906-1791846291-1624419890 | 7/8/2021 5:15:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 96DC4DB2-6702-42E6-9367-CD6A32AED260--14BEEEB7-D0C6-4721-9E26-1369EF952F7A (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3218 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4452 | 1192 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:15:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 02AB5D9C-C415-487E-9F16-A83A3EA10B3E--487931E3-2870-40D0-A119-815C5338E793 (Friendly Name: 45f65206-6d53-4819-a3d5-a56789e623a2) successfully connected to port 6B7FA6C3-2381-4FE6-8C60-D0E97DBD6246 (Friendly Name: 45f65206-6d53-4819-a3d5-a56789e623a2) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3217 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3956 | 4348 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-44785052-1216267285-984094367-1040949566 | 7/8/2021 5:15:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 02AB5D9C-C415-487E-9F16-A83A3EA10B3E--487931E3-2870-40D0-A119-815C5338E793 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3216 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3956 | 4348 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:15:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 02AB5D9C-C415-487E-9F16-A83A3EA10B3E--487931E3-2870-40D0-A119-815C5338E793 (Friendly Name: 45f65206-6d53-4819-a3d5-a56789e623a2). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3215 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3956 | 4348 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-44785052-1216267285-984094367-1040949566 | 7/8/2021 5:15:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 02AB5D9C-C415-487E-9F16-A83A3EA10B3E--487931E3-2870-40D0-A119-815C5338E793 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3214 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3956 | 4348 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-44785052-1216267285-984094367-1040949566 | 7/8/2021 5:15:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9EECDFA5-5F76-4544-AD95-D059B2A6C22C--0FE4B4FD-9983-4362-9866-D41E61B5D800 (Friendly Name: 54aeaab6-e985-446a-9d13-e615e388a448) successfully connected to port AEC137DD-7BBE-4213-A8E1-96361B58E30C (Friendly Name: 54aeaab6-e985-446a-9d13-e615e388a448) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3213 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 88 | 2688 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2666323877-1162108790-1506842029-750954162 | 7/8/2021 5:15:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 9EECDFA5-5F76-4544-AD95-D059B2A6C22C--0FE4B4FD-9983-4362-9866-D41E61B5D800 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3212 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 88 | 2688 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:15:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 02AB5D9C-C415-487E-9F16-A83A3EA10B3E--487931E3-2870-40D0-A119-815C5338E793 (Friendly Name: 45f65206-6d53-4819-a3d5-a56789e623a2) successfully connected to port 6B7FA6C3-2381-4FE6-8C60-D0E97DBD6246 (Friendly Name: 45f65206-6d53-4819-a3d5-a56789e623a2) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3211 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3956 | 4348 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-44785052-1216267285-984094367-1040949566 | 7/8/2021 5:15:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 02AB5D9C-C415-487E-9F16-A83A3EA10B3E--487931E3-2870-40D0-A119-815C5338E793 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3210 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3956 | 4348 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:15:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 9E4DDB7A-00F5-4778-9AC6-EFBD3093CF59--88729F3C-F388-412F-86B0-F6150AE785F1 (Friendly Name: 211c3bad-857a-4775-936b-210df909691d). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3209 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2984 | 1180 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2655902586-1199046901-3186607770-1506775856 | 7/8/2021 5:15:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9E4DDB7A-00F5-4778-9AC6-EFBD3093CF59--88729F3C-F388-412F-86B0-F6150AE785F1 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3208 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2984 | 1180 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2655902586-1199046901-3186607770-1506775856 | 7/8/2021 5:15:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3207 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:14:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 7761A4D8-FBF4-4173-894A-FDA8C622BCA8--66BE218E-259C-4F98-BC6D-F06C29FF5151 (Friendly Name: b866fc5f-275c-4515-8af0-1e43138608d6). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3206 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2636 | 1000 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2002887896-1098120180-2835171977-2830901958 | 7/8/2021 5:14:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7761A4D8-FBF4-4173-894A-FDA8C622BCA8--66BE218E-259C-4F98-BC6D-F06C29FF5151 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3205 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2636 | 1000 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2002887896-1098120180-2835171977-2830901958 | 7/8/2021 5:14:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 699AD210-9329-443A-B3EA-51E050B43634--50C98E42-9318-4712-9E4E-893843273444 (Friendly Name: 5cf68c9b-f7fa-4a17-81fa-80c9f9267be1) successfully connected to port EE06897F-4BA7-4625-BE93-950B20B2A726 (Friendly Name: 5cf68c9b-f7fa-4a17-81fa-80c9f9267be1) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3204 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4492 | 4408 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1771754000-1144689449-3763464883-876000336 | 7/8/2021 5:14:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 699AD210-9329-443A-B3EA-51E050B43634--50C98E42-9318-4712-9E4E-893843273444 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3203 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4492 | 4408 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:14:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9E4DDB7A-00F5-4778-9AC6-EFBD3093CF59--88729F3C-F388-412F-86B0-F6150AE785F1 (Friendly Name: 211c3bad-857a-4775-936b-210df909691d) successfully connected to port 47EF39BA-9D59-4B53-8D82-B9A1B7952213 (Friendly Name: 211c3bad-857a-4775-936b-210df909691d) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3202 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2984 | 4344 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2655902586-1199046901-3186607770-1506775856 | 7/8/2021 5:14:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 9E4DDB7A-00F5-4778-9AC6-EFBD3093CF59--88729F3C-F388-412F-86B0-F6150AE785F1 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3201 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2984 | 4344 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:14:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 9E4DDB7A-00F5-4778-9AC6-EFBD3093CF59--88729F3C-F388-412F-86B0-F6150AE785F1 (Friendly Name: 211c3bad-857a-4775-936b-210df909691d). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3200 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3476 | 2868 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2655902586-1199046901-3186607770-1506775856 | 7/8/2021 5:14:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9E4DDB7A-00F5-4778-9AC6-EFBD3093CF59--88729F3C-F388-412F-86B0-F6150AE785F1 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3199 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3476 | 2868 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2655902586-1199046901-3186607770-1506775856 | 7/8/2021 5:14:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3198 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:14:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3197 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:14:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic AC175184-2F39-46E0-9810-0D7C316710A0--584C1CD5-7A57-4270-83DD-D4BBED2B7DF0 (Friendly Name: 8aaa97c0-518c-446d-87cd-28b5d9bd4940). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3196 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1076 | 1068 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2887209348-1189097273-2081231000-2685429553 | 7/8/2021 5:14:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC AC175184-2F39-46E0-9810-0D7C316710A0--584C1CD5-7A57-4270-83DD-D4BBED2B7DF0 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3195 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1076 | 1068 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2887209348-1189097273-2081231000-2685429553 | 7/8/2021 5:14:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 7761A4D8-FBF4-4173-894A-FDA8C622BCA8--66BE218E-259C-4F98-BC6D-F06C29FF5151 (Friendly Name: b866fc5f-275c-4515-8af0-1e43138608d6) successfully connected to port 644B61E8-DFD4-4C43-9206-038BE2409482 (Friendly Name: b866fc5f-275c-4515-8af0-1e43138608d6) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3194 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2636 | 1000 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2002887896-1098120180-2835171977-2830901958 | 7/8/2021 5:14:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 7761A4D8-FBF4-4173-894A-FDA8C622BCA8--66BE218E-259C-4F98-BC6D-F06C29FF5151 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3193 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2636 | 1000 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:14:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 9E4DDB7A-00F5-4778-9AC6-EFBD3093CF59--88729F3C-F388-412F-86B0-F6150AE785F1 (Friendly Name: 211c3bad-857a-4775-936b-210df909691d) successfully connected to port 47EF39BA-9D59-4B53-8D82-B9A1B7952213 (Friendly Name: 211c3bad-857a-4775-936b-210df909691d) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3192 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3476 | 3048 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2655902586-1199046901-3186607770-1506775856 | 7/8/2021 5:13:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 9E4DDB7A-00F5-4778-9AC6-EFBD3093CF59--88729F3C-F388-412F-86B0-F6150AE785F1 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3191 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3476 | 3048 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:13:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 0142B8F3-66BB-483F-80E4-01C1C5F5A4A3--62502A10-376D-4A3D-9F87-8D13D2177E4B (Friendly Name: 783fa47f-ac20-41e4-aac9-9e745015dc6e). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3190 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3256 | 4920 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-21149939-1212114619-3238126720-2745497029 | 7/8/2021 5:13:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 0142B8F3-66BB-483F-80E4-01C1C5F5A4A3--62502A10-376D-4A3D-9F87-8D13D2177E4B successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3189 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3256 | 4920 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-21149939-1212114619-3238126720-2745497029 | 7/8/2021 5:13:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MAC address FA-16-3E-8E-44-C4 has moved from port 917234B9-BA2B-480B-A11D-D60107E6BE66 (Friendly Name: br-data_External) to port 8B1AA563-5DEB-4BE0-8D43-EDDB50B34BAF (Friendly Name: a1be0a4e-b6cb-4c31-b54a-137c143d4a7c). | 25 | 0 | | 4 | 1018 | 0 | -9223372036854775808 | 3188 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 0 | 0 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:13:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B18C2019-45FF-4E76-96CB-057180F5946B--4B0005B9-F95B-4654-AE45-CB8EC70D4673 (Friendly Name: a1be0a4e-b6cb-4c31-b54a-137c143d4a7c) successfully connected to port 8B1AA563-5DEB-4BE0-8D43-EDDB50B34BAF (Friendly Name: a1be0a4e-b6cb-4c31-b54a-137c143d4a7c) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3187 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2872 | 4288 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2978750489-1316374015-1896205206-1804924288 | 7/8/2021 5:13:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic B18C2019-45FF-4E76-96CB-057180F5946B--4B0005B9-F95B-4654-AE45-CB8EC70D4673 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3186 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2872 | 4288 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:13:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Windows Modules Installer service was changed from auto start to demand start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3185 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:13:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Windows Modules Installer service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3184 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:13:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Storage Spaces SMP service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3183 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:13:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3182 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:13:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3181 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 880 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:13:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3180 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 880 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:13:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 0142B8F3-66BB-483F-80E4-01C1C5F5A4A3--62502A10-376D-4A3D-9F87-8D13D2177E4B (Friendly Name: 783fa47f-ac20-41e4-aac9-9e745015dc6e) successfully connected to port 0A6B5E18-5D47-4936-A180-C0D24F456439 (Friendly Name: 783fa47f-ac20-41e4-aac9-9e745015dc6e) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3179 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3256 | 4920 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-21149939-1212114619-3238126720-2745497029 | 7/8/2021 5:13:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 0142B8F3-66BB-483F-80E4-01C1C5F5A4A3--62502A10-376D-4A3D-9F87-8D13D2177E4B (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3178 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3256 | 4920 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:13:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic B7AE6026-151F-4CB4-8121-65C10AB56CA6--D22C2542-2B58-4C72-9CAE-4098F7E759F6 (Friendly Name: 011ed59f-9b5e-434c-883c-b57547355182). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3177 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4360 | 3196 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3081658406-1286870303-3244630401-2792142090 | 7/8/2021 5:13:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B7AE6026-151F-4CB4-8121-65C10AB56CA6--D22C2542-2B58-4C72-9CAE-4098F7E759F6 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3176 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4360 | 3196 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3081658406-1286870303-3244630401-2792142090 | 7/8/2021 5:13:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 214809D4-1FFB-4AB8-BB2E-C23AADBFFE5E--5C0C9902-39BD-4A96-9C75-A812D2FA59C5 (Friendly Name: 10996b3c-87da-4ab0-83b8-5146ea7622db). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3175 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4428 | 5004 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-558369236-1253580795-985804475-1593753517 | 7/8/2021 5:13:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 214809D4-1FFB-4AB8-BB2E-C23AADBFFE5E--5C0C9902-39BD-4A96-9C75-A812D2FA59C5 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3174 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4428 | 5004 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-558369236-1253580795-985804475-1593753517 | 7/8/2021 5:13:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC AC175184-2F39-46E0-9810-0D7C316710A0--584C1CD5-7A57-4270-83DD-D4BBED2B7DF0 (Friendly Name: 8aaa97c0-518c-446d-87cd-28b5d9bd4940) successfully connected to port CA759A3C-77C6-4B3C-BE5A-A7A2EE0278AB (Friendly Name: 8aaa97c0-518c-446d-87cd-28b5d9bd4940) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3173 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1076 | 1080 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2887209348-1189097273-2081231000-2685429553 | 7/8/2021 5:13:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic AC175184-2F39-46E0-9810-0D7C316710A0--584C1CD5-7A57-4270-83DD-D4BBED2B7DF0 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3172 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1076 | 1080 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:13:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic B5BCDA29-3A04-42DD-9925-A5EBD595C3B2--A9D5E3A3-7410-49FD-B06B-D9056BB3C663 (Friendly Name: bbb381a0-4f97-4158-99cc-bad99cf05541). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3171 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3652 | 3864 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3049052713-1121794564-3953468825-2999162325 | 7/8/2021 5:12:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B5BCDA29-3A04-42DD-9925-A5EBD595C3B2--A9D5E3A3-7410-49FD-B06B-D9056BB3C663 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3170 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3652 | 3864 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3049052713-1121794564-3953468825-2999162325 | 7/8/2021 5:12:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B7AE6026-151F-4CB4-8121-65C10AB56CA6--D22C2542-2B58-4C72-9CAE-4098F7E759F6 (Friendly Name: 011ed59f-9b5e-434c-883c-b57547355182) successfully connected to port 16E7D26B-9F9C-4BD8-9628-20099896AA93 (Friendly Name: 011ed59f-9b5e-434c-883c-b57547355182) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3169 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4360 | 3196 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3081658406-1286870303-3244630401-2792142090 | 7/8/2021 5:12:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic B7AE6026-151F-4CB4-8121-65C10AB56CA6--D22C2542-2B58-4C72-9CAE-4098F7E759F6 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3168 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4360 | 3196 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:12:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 48E75ED2-67AD-42BF-B9DC-5F00AD73CC68--7EF5F17C-DB95-4EAA-803F-D9033D15501F (Friendly Name: 0b71b65d-11c8-457e-a19a-5fe51330f510). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3167 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3996 | 3108 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1223122642-1119840173-6282425-1758229421 | 7/8/2021 5:12:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 48E75ED2-67AD-42BF-B9DC-5F00AD73CC68--7EF5F17C-DB95-4EAA-803F-D9033D15501F successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3166 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3996 | 3108 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1223122642-1119840173-6282425-1758229421 | 7/8/2021 5:12:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 33022DBD-ED0E-4287-B060-F1AE0BA2DCA2--DD479441-7DF4-4A09-9FCD-18BFD0E4E2C7 (Friendly Name: b8b2d203-e95b-44c0-b1eb-76e7c070dd3f). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3165 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2924 | 4180 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-855780797-1116204302-2935054512-2732368395 | 7/8/2021 5:12:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 33022DBD-ED0E-4287-B060-F1AE0BA2DCA2--DD479441-7DF4-4A09-9FCD-18BFD0E4E2C7 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3164 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2924 | 4180 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-855780797-1116204302-2935054512-2732368395 | 7/8/2021 5:12:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic C824E808-130F-4872-88BC-196D5418B7EB--6F0FD2E1-9983-4503-B9F0-797C567AE74B (Friendly Name: 9b4c40b0-ff4e-41ef-b1a4-e68b42fa37bf). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3163 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 876 | 1548 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3357861896-1215435535-1830403208-3954645076 | 7/8/2021 5:12:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC C824E808-130F-4872-88BC-196D5418B7EB--6F0FD2E1-9983-4503-B9F0-797C567AE74B successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3162 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 876 | 1548 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3357861896-1215435535-1830403208-3954645076 | 7/8/2021 5:12:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic F1023116-5083-4C59-B368-828A0851F092--561BF4D0-8BDD-454C-AA5C-BDED0BCF38DD (Friendly Name: 2d0723d0-4d02-4843-ac46-64e5613b2677). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3161 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3960 | 4772 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-4043452694-1280921731-2323802291-2465222920 | 7/8/2021 5:12:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC F1023116-5083-4C59-B368-828A0851F092--561BF4D0-8BDD-454C-AA5C-BDED0BCF38DD successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3160 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3960 | 4772 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-4043452694-1280921731-2323802291-2465222920 | 7/8/2021 5:12:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 33022DBD-ED0E-4287-B060-F1AE0BA2DCA2--DD479441-7DF4-4A09-9FCD-18BFD0E4E2C7 (Friendly Name: b8b2d203-e95b-44c0-b1eb-76e7c070dd3f) successfully connected to port 4EB4111B-434A-46E6-BDA6-B73AE43F315B (Friendly Name: b8b2d203-e95b-44c0-b1eb-76e7c070dd3f) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3159 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2924 | 4648 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-855780797-1116204302-2935054512-2732368395 | 7/8/2021 5:12:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 33022DBD-ED0E-4287-B060-F1AE0BA2DCA2--DD479441-7DF4-4A09-9FCD-18BFD0E4E2C7 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3158 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2924 | 4648 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:12:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic D3F59997-3146-4B51-8C2A-DC97FEA46B21--46407EF8-C480-42EF-82A8-D5BB2308D6E9 (Friendly Name: 94341487-40a3-43db-a979-f1978d853bf3). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3157 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4988 | 3168 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3556088215-1263612230-2547788428-560702718 | 7/8/2021 5:12:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC D3F59997-3146-4B51-8C2A-DC97FEA46B21--46407EF8-C480-42EF-82A8-D5BB2308D6E9 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3156 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4988 | 3168 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3556088215-1263612230-2547788428-560702718 | 7/8/2021 5:12:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic DC2C3FC5-1455-462A-B6DB-C842631B53E7--41BE11DF-E777-4BCE-A75D-C6834570CC37 (Friendly Name: 49efdde2-dd13-4a10-903f-b309d4a45759). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3155 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4852 | 1244 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3693887429-1177162837-1120459702-3880983395 | 7/8/2021 5:12:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC DC2C3FC5-1455-462A-B6DB-C842631B53E7--41BE11DF-E777-4BCE-A75D-C6834570CC37 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3154 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4852 | 1244 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3693887429-1177162837-1120459702-3880983395 | 7/8/2021 5:12:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC F1023116-5083-4C59-B368-828A0851F092--561BF4D0-8BDD-454C-AA5C-BDED0BCF38DD (Friendly Name: 2d0723d0-4d02-4843-ac46-64e5613b2677) successfully connected to port D0B0C206-1FB0-4504-B139-46194066D29F (Friendly Name: 2d0723d0-4d02-4843-ac46-64e5613b2677) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3153 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3960 | 2876 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-4043452694-1280921731-2323802291-2465222920 | 7/8/2021 5:12:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic F1023116-5083-4C59-B368-828A0851F092--561BF4D0-8BDD-454C-AA5C-BDED0BCF38DD (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3152 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3960 | 2876 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:12:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic C6C35A3A-FFDD-446E-8D8C-E26879FE6994--2BDF8101-D446-4CA0-B166-B31414CE5069 (Friendly Name: 549b24e7-e16f-4d2e-9ced-ccdddc8e8ca3). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3151 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5000 | 4080 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3334691386-1148125149-1759677581-2489974393 | 7/8/2021 5:12:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC C6C35A3A-FFDD-446E-8D8C-E26879FE6994--2BDF8101-D446-4CA0-B166-B31414CE5069 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3150 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5000 | 4080 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3334691386-1148125149-1759677581-2489974393 | 7/8/2021 5:12:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC DC2C3FC5-1455-462A-B6DB-C842631B53E7--41BE11DF-E777-4BCE-A75D-C6834570CC37 (Friendly Name: 49efdde2-dd13-4a10-903f-b309d4a45759) successfully connected to port 1E3F5092-5CDE-460C-9CF9-19409D9F818F (Friendly Name: 49efdde2-dd13-4a10-903f-b309d4a45759) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3149 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4852 | 828 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3693887429-1177162837-1120459702-3880983395 | 7/8/2021 5:12:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic DC2C3FC5-1455-462A-B6DB-C842631B53E7--41BE11DF-E777-4BCE-A75D-C6834570CC37 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3148 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4852 | 828 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:12:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3147 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 880 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:12:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC C824E808-130F-4872-88BC-196D5418B7EB--6F0FD2E1-9983-4503-B9F0-797C567AE74B (Friendly Name: 9b4c40b0-ff4e-41ef-b1a4-e68b42fa37bf) successfully connected to port 5E975076-D883-434F-96C7-5435D62BED15 (Friendly Name: 9b4c40b0-ff4e-41ef-b1a4-e68b42fa37bf) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3146 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 876 | 100 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3357861896-1215435535-1830403208-3954645076 | 7/8/2021 5:12:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic C824E808-130F-4872-88BC-196D5418B7EB--6F0FD2E1-9983-4503-B9F0-797C567AE74B (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3145 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 876 | 100 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:12:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 2D65FF23-A9BB-4A04-97D8-DC284CE52CCF--F058DE62-3222-4E39-B78C-A806A50BF0C0 (Friendly Name: 4bdb2c6e-1767-480c-96d6-e0aa6bbdac85). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3144 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4624 | 3200 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-761659171-1241819579-685562007-3475825996 | 7/8/2021 5:12:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 2D65FF23-A9BB-4A04-97D8-DC284CE52CCF--F058DE62-3222-4E39-B78C-A806A50BF0C0 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3143 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4624 | 3200 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-761659171-1241819579-685562007-3475825996 | 7/8/2021 5:12:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC C6C35A3A-FFDD-446E-8D8C-E26879FE6994--2BDF8101-D446-4CA0-B166-B31414CE5069 (Friendly Name: 549b24e7-e16f-4d2e-9ced-ccdddc8e8ca3) successfully connected to port 319E8831-619A-453A-B40C-D8B1736C7BC8 (Friendly Name: 549b24e7-e16f-4d2e-9ced-ccdddc8e8ca3) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3142 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5000 | 3804 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3334691386-1148125149-1759677581-2489974393 | 7/8/2021 5:11:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic C6C35A3A-FFDD-446E-8D8C-E26879FE6994--2BDF8101-D446-4CA0-B166-B31414CE5069 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3141 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5000 | 3804 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:11:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 2D65FF23-A9BB-4A04-97D8-DC284CE52CCF--F058DE62-3222-4E39-B78C-A806A50BF0C0 (Friendly Name: 4bdb2c6e-1767-480c-96d6-e0aa6bbdac85) successfully connected to port 657B4D51-496C-476A-9093-CC5ECBF4278B (Friendly Name: 4bdb2c6e-1767-480c-96d6-e0aa6bbdac85) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3140 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4624 | 4788 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-761659171-1241819579-685562007-3475825996 | 7/8/2021 5:11:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 2D65FF23-A9BB-4A04-97D8-DC284CE52CCF--F058DE62-3222-4E39-B78C-A806A50BF0C0 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3139 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4624 | 4788 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:11:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 1A7454BC-457C-41F4-9B01-D08BF6FB454C--EA43613F-959B-41BC-B774-728FCFCFCBC2 (Friendly Name: 77953463-c58e-46a8-ac51-a375e9c3aa93). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3138 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4180 | 4456 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-443831484-1106527612-2345664923-1279654902 | 7/8/2021 5:11:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 1A7454BC-457C-41F4-9B01-D08BF6FB454C--EA43613F-959B-41BC-B774-728FCFCFCBC2 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3137 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4180 | 4456 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-443831484-1106527612-2345664923-1279654902 | 7/8/2021 5:11:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 214809D4-1FFB-4AB8-BB2E-C23AADBFFE5E--5C0C9902-39BD-4A96-9C75-A812D2FA59C5 (Friendly Name: 10996b3c-87da-4ab0-83b8-5146ea7622db) successfully connected to port 0FEFA607-7021-4F1A-8932-0C6660367543 (Friendly Name: 10996b3c-87da-4ab0-83b8-5146ea7622db) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3136 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4428 | 3324 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-558369236-1253580795-985804475-1593753517 | 7/8/2021 5:11:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 214809D4-1FFB-4AB8-BB2E-C23AADBFFE5E--5C0C9902-39BD-4A96-9C75-A812D2FA59C5 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3135 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4428 | 3324 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:11:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 18A96C80-11A4-499C-933B-3D8330C17928--8C957E7C-C0E1-40BE-BA1C-EF327A01D88A (Friendly Name: 99234428-6c04-4d09-88f5-49f6c3528850). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3134 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1748 | 588 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-413756544-1234964900-2201828243-679067952 | 7/8/2021 5:11:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 18A96C80-11A4-499C-933B-3D8330C17928--8C957E7C-C0E1-40BE-BA1C-EF327A01D88A successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3133 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1748 | 588 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-413756544-1234964900-2201828243-679067952 | 7/8/2021 5:11:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 48E75ED2-67AD-42BF-B9DC-5F00AD73CC68--7EF5F17C-DB95-4EAA-803F-D9033D15501F (Friendly Name: 0b71b65d-11c8-457e-a19a-5fe51330f510) successfully connected to port 2AE4306E-FCF0-472D-85D2-14DED358AA03 (Friendly Name: 0b71b65d-11c8-457e-a19a-5fe51330f510) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3132 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3996 | 4876 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1223122642-1119840173-6282425-1758229421 | 7/8/2021 5:11:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 48E75ED2-67AD-42BF-B9DC-5F00AD73CC68--7EF5F17C-DB95-4EAA-803F-D9033D15501F (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3131 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3996 | 4876 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:11:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 1A7454BC-457C-41F4-9B01-D08BF6FB454C--EA43613F-959B-41BC-B774-728FCFCFCBC2 (Friendly Name: 77953463-c58e-46a8-ac51-a375e9c3aa93) successfully connected to port EB60AEAB-D888-4A08-B4C8-69B0CD6F54C3 (Friendly Name: 77953463-c58e-46a8-ac51-a375e9c3aa93) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3130 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4180 | 4460 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-443831484-1106527612-2345664923-1279654902 | 7/8/2021 5:11:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 1A7454BC-457C-41F4-9B01-D08BF6FB454C--EA43613F-959B-41BC-B774-728FCFCFCBC2 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3129 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4180 | 4460 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:11:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 279B6A3A-F177-452B-A111-8A837DD948FA--95B27185-9544-49A0-BE79-53623F4099D3 (Friendly Name: e5d165b2-26f3-4e94-80e4-547e8dc7b4be). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3128 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1332 | 4384 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-664496698-1160507767-2206863777-4199078269 | 7/8/2021 5:11:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 279B6A3A-F177-452B-A111-8A837DD948FA--95B27185-9544-49A0-BE79-53623F4099D3 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3127 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1332 | 4384 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-664496698-1160507767-2206863777-4199078269 | 7/8/2021 5:11:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 279B6A3A-F177-452B-A111-8A837DD948FA--95B27185-9544-49A0-BE79-53623F4099D3 (Friendly Name: e5d165b2-26f3-4e94-80e4-547e8dc7b4be) successfully connected to port 882803AA-41CF-4D1F-8EA5-6AA577DC0CAA (Friendly Name: e5d165b2-26f3-4e94-80e4-547e8dc7b4be) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3126 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1332 | 524 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-664496698-1160507767-2206863777-4199078269 | 7/8/2021 5:10:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 279B6A3A-F177-452B-A111-8A837DD948FA--95B27185-9544-49A0-BE79-53623F4099D3 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3125 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1332 | 524 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:10:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3124 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1288 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:10:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 18A96C80-11A4-499C-933B-3D8330C17928--8C957E7C-C0E1-40BE-BA1C-EF327A01D88A (Friendly Name: 99234428-6c04-4d09-88f5-49f6c3528850) successfully connected to port 3DF269E0-9F41-498A-9B94-63EEC2A4C081 (Friendly Name: 99234428-6c04-4d09-88f5-49f6c3528850) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3123 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1748 | 4216 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-413756544-1234964900-2201828243-679067952 | 7/8/2021 5:10:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 18A96C80-11A4-499C-933B-3D8330C17928--8C957E7C-C0E1-40BE-BA1C-EF327A01D88A (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3122 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 1748 | 4216 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:10:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic AADE0194-C22B-4953-81F9-8918E9818596--C659F39B-3970-42DA-8FD9-36427D20E065 (Friendly Name: 55bb6062-d46f-45ae-bd9c-f6ae2ecefc49). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3121 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4052 | 3628 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2866676116-1230225963-411695489-2525331945 | 7/8/2021 5:10:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC AADE0194-C22B-4953-81F9-8918E9818596--C659F39B-3970-42DA-8FD9-36427D20E065 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3120 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4052 | 3628 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2866676116-1230225963-411695489-2525331945 | 7/8/2021 5:10:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC AADE0194-C22B-4953-81F9-8918E9818596--C659F39B-3970-42DA-8FD9-36427D20E065 (Friendly Name: 55bb6062-d46f-45ae-bd9c-f6ae2ecefc49) successfully connected to port 7FD54F6F-8898-4DD6-933D-F10797CE67B6 (Friendly Name: 55bb6062-d46f-45ae-bd9c-f6ae2ecefc49) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3119 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4052 | 3628 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-2866676116-1230225963-411695489-2525331945 | 7/8/2021 5:10:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic AADE0194-C22B-4953-81F9-8918E9818596--C659F39B-3970-42DA-8FD9-36427D20E065 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3118 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4052 | 3628 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:10:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Status 0x00001069 determining that device interface \\?\{8e7bd593-6e6c-4c52-86a6-77175494dd8e}#MsVhdHba#1&3030e83&0&01#{2accfe60-c130-11d2-b082-00a0c91efb8b} does not support iSCSI WMI interfaces. If this device is not an iSCSI HBA then this error can be ignored. | 108 | | 0 | 3 | 0 | | 36028797018963968 | 3117 | MSiSCSI | | System | | | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:10:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 07851F90-ADDB-47A9-AC1A-AE212E556823--E0680DCC-A094-43AE-AFB3-4641CE4AF682 (Friendly Name: eec80594-369a-4e00-ad3a-1ed5db4bdc38). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3116 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5000 | 3460 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-126164880-1202302427-565058220-594040110 | 7/8/2021 5:10:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 07851F90-ADDB-47A9-AC1A-AE212E556823--E0680DCC-A094-43AE-AFB3-4641CE4AF682 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3115 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5000 | 3460 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-126164880-1202302427-565058220-594040110 | 7/8/2021 5:10:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC D3F59997-3146-4B51-8C2A-DC97FEA46B21--46407EF8-C480-42EF-82A8-D5BB2308D6E9 (Friendly Name: 94341487-40a3-43db-a979-f1978d853bf3) successfully connected to port C90C2D64-F9CC-4C76-84BD-F7E2E070D04F (Friendly Name: 94341487-40a3-43db-a979-f1978d853bf3) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3114 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4988 | 3164 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3556088215-1263612230-2547788428-560702718 | 7/8/2021 5:10:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic D3F59997-3146-4B51-8C2A-DC97FEA46B21--46407EF8-C480-42EF-82A8-D5BB2308D6E9 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3113 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4988 | 3164 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:10:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 07851F90-ADDB-47A9-AC1A-AE212E556823--E0680DCC-A094-43AE-AFB3-4641CE4AF682 (Friendly Name: eec80594-369a-4e00-ad3a-1ed5db4bdc38) successfully connected to port 437B1062-3093-4EB3-BA46-49465C39EA24 (Friendly Name: eec80594-369a-4e00-ad3a-1ed5db4bdc38) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3112 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5000 | 3296 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-126164880-1202302427-565058220-594040110 | 7/8/2021 5:10:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 07851F90-ADDB-47A9-AC1A-AE212E556823--E0680DCC-A094-43AE-AFB3-4641CE4AF682 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3111 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 5000 | 3296 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:10:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Delete' succeeded on nic 5C34F9DF-15E5-441F-B9EC-1C4249B23CFB--FF6F1BAD-70DF-4970-948D-9C190F4F57F7 (Friendly Name: 0d1abdaf-1c2d-4e98-881a-5f32e94daa80). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3110 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3760 | 3128 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1546975711-1142887909-1109191865-4215059017 | 7/8/2021 5:10:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 5C34F9DF-15E5-441F-B9EC-1C4249B23CFB--FF6F1BAD-70DF-4970-948D-9C190F4F57F7 successfully disconnected from port . | 234 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3109 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3760 | 3128 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1546975711-1142887909-1109191865-4215059017 | 7/8/2021 5:10:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC 5C34F9DF-15E5-441F-B9EC-1C4249B23CFB--FF6F1BAD-70DF-4970-948D-9C190F4F57F7 (Friendly Name: 0d1abdaf-1c2d-4e98-881a-5f32e94daa80) successfully connected to port AE4561C3-B343-46C5-8351-22CE6B4F2F62 (Friendly Name: 0d1abdaf-1c2d-4e98-881a-5f32e94daa80) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3108 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3760 | 5008 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-1546975711-1142887909-1109191865-4215059017 | 7/8/2021 5:10:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic 5C34F9DF-15E5-441F-B9EC-1C4249B23CFB--FF6F1BAD-70DF-4970-948D-9C190F4F57F7 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3107 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3760 | 5008 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:10:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC B5BCDA29-3A04-42DD-9925-A5EBD595C3B2--A9D5E3A3-7410-49FD-B06B-D9056BB3C663 (Friendly Name: bbb381a0-4f97-4158-99cc-bad99cf05541) successfully connected to port E4B2A0DD-960C-4540-850B-614A8DCD2E3A (Friendly Name: bbb381a0-4f97-4158-99cc-bad99cf05541) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3106 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3652 | 2132 | n-h2-799527-4.cbci-799527-4.local | S-1-5-83-1-3049052713-1121794564-3953468825-2999162325 | 7/8/2021 5:10:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic B5BCDA29-3A04-42DD-9925-A5EBD595C3B2--A9D5E3A3-7410-49FD-B06B-D9056BB3C663 (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3105 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 3652 | 2132 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:10:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3104 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1288 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:10:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3103 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1288 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:09:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3102 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:09:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Biometric Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3101 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1288 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:09:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3100 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1288 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:09:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Account Sign-in Assistant service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3099 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1288 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:09:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3098 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1288 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:08:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3097 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1288 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:08:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Downloaded Maps Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3096 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1288 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:08:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Error Reporting Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3095 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1288 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:08:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Access Logging Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3094 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 880 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:08:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3093 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 880 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:08:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Transaction Coordinator service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3092 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 880 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:08:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Downloaded Maps Manager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3091 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 880 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:08:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic Service Host service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3090 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 880 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:08:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic System Host service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3089 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:08:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic Policy Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3088 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 880 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:08:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected Devices Platform Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3087 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 880 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:08:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3086 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1288 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:08:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3085 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1288 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:07:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The neutron-hyperv-agent service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3084 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 880 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:07:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user CBCI-799527-4\administrator SID (S-1-5-21-3317184855-982482558-1740602823-500) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 3083 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 988 | 104 | n-h2-799527-4.cbci-799527-4.local | S-1-5-21-3317184855-982482558-1740602823-500 | 7/8/2021 5:07:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the neutron-hyperv-agent service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3082 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 880 | n-h2-799527-4.cbci-799527-4.local | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 5:07:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The nova-compute service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3081 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 880 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:07:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user CBCI-799527-4\administrator SID (S-1-5-21-3317184855-982482558-1740602823-500) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 3080 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 988 | 104 | n-h2-799527-4.cbci-799527-4.local | S-1-5-21-3317184855-982482558-1740602823-500 | 7/8/2021 5:07:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the nova-compute service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3079 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 880 | n-h2-799527-4.cbci-799527-4.local | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 5:06:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The sppsvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3078 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 880 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcaSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3077 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 880 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy settings for the computer were processed successfully. New settings from 2 Group Policy objects were detected and applied. | 1502 | 0 | | 4 | 0 | 1 | -9223372036854775808 | 3076 | Microsoft-Windows-GroupPolicy | aea1b4fa-97d1-45f2-a64c-4d69fffd92c9 | System | 1472 | 3276 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:52 PM | 40d68ff5-c92d-4337-838e-f821d8be2c03 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Start | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcaSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3075 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 880 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy settings for the computer were processed successfully. New settings from 2 Group Policy objects were detected and applied. | 1502 | 0 | | 4 | 0 | 1 | -9223372036854775808 | 3074 | Microsoft-Windows-GroupPolicy | aea1b4fa-97d1-45f2-a64c-4d69fffd92c9 | System | 1472 | 3276 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:43 PM | 74535e2d-c6f8-4ad4-9f17-97c0edc5dccf | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Start | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time service is now synchronizing the system time with the time source VM IC Time Synchronization Provider. | 35 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3073 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1044 | 1344 | n-h2-799527-4.cbci-799527-4.local | S-1-5-19 | 7/8/2021 5:06:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wisvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3072 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1260 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Defender Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Run the configured recovery program. | 7031 | 0 | 49152 | 2 | 0 | 0 | -9187343239835811840 | 3071 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 880 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:32 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Application popup: Windows - Bad Image : Exception Processing Message 0xc000007b Parameters 0x7ff8db801d28 0xffffffffc0000428 0x7ff8db801d28 0x7ff8db801d28 | 26 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3070 | Application Popup | 47bfa2b7-bd54-4fac-b70b-29021084ca8f | System | 580 | 596 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:31 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The cloudbase-init service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3069 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 880 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vds service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3068 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1260 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service stopped. | 4 | | 16896 | 4 | 0 | | 36028797018963968 | 3067 | Virtual Disk Service | | System | | | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 3066 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 988 | 1564 | n-h2-799527-4.cbci-799527-4.local | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 5:06:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vds service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3065 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1260 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from n-ad-799527-4.cbci-799527-4.local (ntp.d|0.0.0.0:123->10.222.0.55:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3064 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1044 | 1344 | n-h2-799527-4.cbci-799527-4.local | S-1-5-19 | 7/8/2021 5:06:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service started. | 3 | | 16896 | 4 | 0 | | 36028797018963968 | 3063 | Virtual Disk Service | | System | | | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Time service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3062 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 880 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:22 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system failed to register pointer (PTR) resource records (RRs) for network adapter
with settings:
Adapter Name : {3A9B8CD5-C712-4A61-BF10-FE6EC564D2DC}
Host Name : n-h2-799527-4
Adapter-specific Domain Suffix : cbci-799527-4.local
DNS server list :
10.222.0.55, 8.8.8.8, 4.4.4.4
Sent update to server : <?>
IP Address :
10.222.0.21
The reason the system could not register these RRs during the update request was because of a system problem. You can manually retry DNS registration of the network adapter and its settings by typing 'ipconfig /registerdns' at the command prompt. If problems still persist, contact your DNS server or network systems administrator. See event details for specific error code information. | 8014 | 0 | | 4 | 1028 | 0 | 4611686018427387904 | 3061 | Microsoft-Windows-DNS-Client | 1c95126e-7eea-49a9-a3fe-a378b03ddb4d | System | 1164 | 3144 | n-h2-799527-4.cbci-799527-4.local | S-1-5-20 | 7/8/2021 5:06:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Error Reporting Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3060 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\cloudbase-init SID (S-1-5-21-4222169502-1604480520-1616450151-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 3059 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 988 | 2940 | n-h2-799527-4.cbci-799527-4.local | S-1-5-21-4222169502-1604480520-1616450151-1000 | 7/8/2021 5:06:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcaSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3058 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1252 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy settings for the computer were processed successfully. New settings from 2 Group Policy objects were detected and applied. | 1502 | 0 | | 4 | 0 | 1 | -9223372036854775808 | 3057 | Microsoft-Windows-GroupPolicy | aea1b4fa-97d1-45f2-a64c-4d69fffd92c9 | System | 1472 | 3276 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:18 PM | 34aa2aff-5e4a-4960-a8b6-6f7372952896 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Start | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The swprv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3056 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1252 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wuauserv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3055 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 908 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected Devices Platform Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3054 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 908 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The firewall exception to allow Internet Storage Name Server (iSNS) client functionality is not enabled. iSNS client functionality is not available. | 121 | | 0 | 3 | 0 | | 36028797018963968 | 3053 | MSiSCSI | | System | | | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmcompute service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3052 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 908 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcaSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3051 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 584 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy settings for the computer were processed successfully. New settings from 2 Group Policy objects were detected and applied. | 1502 | 0 | | 4 | 0 | 1 | -9223372036854775808 | 3050 | Microsoft-Windows-GroupPolicy | aea1b4fa-97d1-45f2-a64c-4d69fffd92c9 | System | 1472 | 2404 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:16 PM | 65468d0c-d9f5-4c0f-bc4a-fa828f32e8cf | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Start | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wlidsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3049 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 908 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MSiSCSI service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3048 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1092 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 3047 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 504 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The cloudbase-init service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3046 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1108 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The following boot-start or system-start driver(s) did not load:
dam | 7026 | 0 | 49152 | 4 | 0 | 0 | -9187343239835811840 | 3045 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 808 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (Version 10.0, ?1978?-?03?-?07T02:59:33.000000000Z) unloaded successfully. | 1 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 3044 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 184 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\cloudbase-init SID (S-1-5-21-4222169502-1604480520-1616450151-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 3043 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 988 | 1564 | n-h2-799527-4.cbci-799527-4.local | S-1-5-21-4222169502-1604480520-1616450151-1000 | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinDefend service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3042 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1112 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The sppsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3041 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1092 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DiagTrack service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3040 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1112 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Isatap interface isatap.openstacklocal with address fe80::5efe:10.222.0.21 has been brought up. | 4200 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3039 | Microsoft-Windows-Iphlpsvc | 66a5c15c-4f8e-4044-bf6e-71d896038977 | System | 1472 | 2168 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmms service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3038 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1112 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3037 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1092 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The KeyIso service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3036 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1092 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The tiledatamodelsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3035 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 908 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetSetupSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3034 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1260 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The StateRepository service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3033 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 908 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MpsSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3032 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 908 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanServer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3031 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 908 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The UserManager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3030 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1108 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TimeBrokerSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3029 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 584 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WpnService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3028 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 908 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WLMS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3027 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 576 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RemoteRegistry service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3026 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 912 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Spooler service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3025 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 912 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SessionEnv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3024 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1252 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TrkWks service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3023 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1252 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PcaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3022 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 612 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CryptSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3021 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 908 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Schedule service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3020 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 2352 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Netlogon service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3019 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 576 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service is listening for WS-Management requests.
User Action
Use the following command to see the specific IPs on which WinRM is listening:
winrm enumerate winrm/config/listener | 10148 | 0 | 7 | 4 | 0 | 0 | 36028797018963968 | 3018 | Microsoft-Windows-WinRM | a7975c8f-ac13-49f1-87da-5a984a4ab417 | System | 0 | 0 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A new self signed certificate to be used for RD Session Host Server authentication on SSL connections was generated. The name on this certificate is n-h2-799527-4.cbci-799527-4.local. The SHA1 hash of the certificate is in the event data. | 1056 | 0 | 49152 | 4 | 0 | 0 | 36028797018963968 | 3017 | Microsoft-Windows-TerminalServices-RemoteConnectionManager | c76baa63-ae81-421c-b425-340b4b24157f | System | 0 | 0 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SamSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3016 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1108 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The IKEEXT service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3015 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1108 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WbioSrvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3014 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1108 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcaSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3013 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 908 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CertPropSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3012 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 908 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanWorkstation service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3011 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1088 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The iphlpsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3010 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1096 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ShellHWDetection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3009 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wudfsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3008 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The FontCache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3007 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Wcmsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3006 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1088 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinTarget service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3005 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1088 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The UmRdpService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3004 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1100 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The gpsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 3003 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1100 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{5D831AC3-A9AC-46EC-BC52-BFFCB79A98E5} (Friendly Name: Microsoft Hyper-V Network Adapter) is now operational. | 23 | 0 | | 4 | 1016 | 0 | -9223372036854775808 | 3002 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 136 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 3001 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' paused | 10 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 3000 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinHttpAutoProxySvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2999 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1100 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ProfSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2998 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1100 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Winmgmt service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2997 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1100 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PolicyAgent service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2996 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcbService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2995 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The netprofm service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2994 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1108 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NlaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2993 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1108 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BFE service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2992 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1104 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VSS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2991 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1104 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicheartbeat service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2990 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1104 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicrdv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2989 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1104 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WPDBusEnum service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2988 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1100 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SENS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2987 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1100 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventLog service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2986 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1100 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicvss service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2985 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1104 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Themes service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2984 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1104 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CoreMessagingRegistrar service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2983 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1104 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventSystem service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2982 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 584 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'storqosflt' (10.0, ?2018?-?01?-?01T04:48:05.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2981 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 184 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'wcifs' (10.0, ?2018?-?01?-?01T04:48:57.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2980 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 184 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'luafv' (10.0, ?2017?-?11?-?01T22:09:40.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2979 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 184 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dnscache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2978 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1096 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dhcp service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2977 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 572 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is started | 51046 | 0 | | 4 | 4 | 62 | 2305843009213693952 | 2976 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 1052 | 1312 | n-h2-799527-4.cbci-799527-4.local | S-1-5-19 | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2021?-?07?-?08T17:06:12.668000000Z from ?2021?-?07?-?08T17:06:12.737048500Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2975 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1052 | 1308 | n-h2-799527-4.cbci-799527-4.local | S-1-5-19 | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmictimesync service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2974 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 584 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmickvpexchange service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2973 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1288 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicshutdown service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2972 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1292 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is started | 50036 | 0 | | 4 | 4 | 68 | 2305843009213693952 | 2971 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 1052 | 1156 | n-h2-799527-4.cbci-799527-4.local | S-1-5-19 | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TermService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2970 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 612 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The nsi service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2969 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 612 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The lmhosts service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2968 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 612 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The HvHost service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2967 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1096 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SystemEventsBroker service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2966 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 912 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BrokerInfrastructure service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2965 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 912 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LSM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2964 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 912 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2963 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 900 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcEptMapper service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2962 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DcomLaunch service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2961 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Power service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2960 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PlugPlay service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2959 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 888 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Remote calls to the SAM database are being restricted using the default security descriptor: O:SYG:SYD:(A;;RC;;;BA).
For more information please see http://go.microsoft.com/fwlink/?LinkId=787651. | 16962 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2958 | Microsoft-Windows-Directory-Services-SAM | 0d4fdc09-8c27-494a-bda0-505e4fd8adae | System | 816 | 820 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:11 PM | 8942731c-741b-0005-2173-42891b74d701 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Credential Guard (LsaIso.exe) configuration: 0x0, 0 | 14 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 2957 | Microsoft-Windows-Wininit | 206f6dea-d3c5-4d10-bc72-989f03c8b84b | System | 692 | 696 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2956 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 384 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{5D831AC3-A9AC-46EC-BC52-BFFCB79A98E5} (Friendly Name: Microsoft Hyper-V Network Adapter) is now operational. | 23 | 0 | | 4 | 1016 | 0 | -9223372036854775808 | 2955 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 500 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2954 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 500 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{5D831AC3-A9AC-46EC-BC52-BFFCB79A98E5} (Friendly Name: Microsoft Hyper-V Network Adapter) is no longer operational. | 24 | 0 | | 4 | 1017 | 0 | -9223372036854775808 | 2953 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 500 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Protocol NIC /DEVICE/{5D831AC3-A9AC-46EC-BC52-BFFCB79A98E5} (Friendly Name: Microsoft Hyper-V Network Adapter) successfully bound to port 917234B9-BA2B-480B-A11D-D60107E6BE66 (Friendly Name: br-data_External) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 17 | 0 | | 4 | 1012 | 0 | -9223372036854775808 | 2952 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 500 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{5D831AC3-A9AC-46EC-BC52-BFFCB79A98E5} (Friendly Name: Microsoft Hyper-V Network Adapter) successfully connected to port 917234B9-BA2B-480B-A11D-D60107E6BE66 (Friendly Name: br-data_External) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2951 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 500 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Successfully updated NIC NDIS QoS with Miniport NIC /DEVICE/{5D831AC3-A9AC-46EC-BC52-BFFCB79A98E5} (Friendly Name: Microsoft Hyper-V Network Adapter) | 191 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2950 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 500 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic /DEVICE/{5D831AC3-A9AC-46EC-BC52-BFFCB79A98E5} (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2949 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 500 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2948 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 384 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter #2' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2947 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2946 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2945 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 5 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2944 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 184 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 4 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2943 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 184 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 3 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2942 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 184 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 2 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2941 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 184 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 1 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2940 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 184 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 0 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2939 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 184 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2938 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 384 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2937 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| If Digest support selected for iSCSI Session, Will use Processor support for Digest computation. | 67 | | 16384 | 4 | 0 | | 36028797018963968 | 2936 | iScsiPrt | | System | | | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Switch D117DDB1-9F87-487B-A234-E139AC0C3B47 (Friendly Name: br-data) successfully initialized. | 9 | 0 | | 4 | 1005 | 0 | -9223372036854775808 | 2935 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 184 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC D117DDB1-9F87-487B-A234-E139AC0C3B47 (Friendly Name: br-data) successfully connected to port D117DDB1-9F87-487B-A234-E139AC0C3B47 (Friendly Name: br-data) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2934 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 184 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic D117DDB1-9F87-487B-A234-E139AC0C3B47 (Friendly Name: br-data). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2933 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 184 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system has been constrained to a periodic tick
Reason: No HW support. | 508 | 0 | | 4 | 159 | 0 | -9223372036854774780 | 2932 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 8 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Connectivity state in standby: Disconnected, Reason: NIC compliance | 172 | 0 | | 4 | 203 | 0 | -9223372036854774780 | 2931 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 208 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'npsvctrig' (10.0, ?2016?-?07?-?16T02:28:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2930 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The service entered the Driver load complete state. | 7036 | | 16384 | 4 | 0 | | 36028797018963968 | 2929 | VfpExt | | System | | | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'FileCrypt' (10.0, ?2016?-?07?-?16T02:22:39.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2928 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Volume C: (\Device\HarddiskVolume1) is healthy. No action is needed. | 98 | 0 | | 4 | 0 | 0 | -9223372036854775806 | 2927 | Microsoft-Windows-Ntfs | 3ff37a1c-a68d-4d6e-8c9b-f79e8b16c482 | System | 4 | 208 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2926 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'Wof' (10.0, ?2017?-?10?-?09T01:58:20.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2925 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Secure Kernel started with status STATUS_SUCCESS and flags 0. | 3 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2924 | Microsoft-Windows-IsolatedUserMode | 73a33ab2-1966-4999-8add-868c41415269 | System | 4 | 8 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor initialized I/O remapping.
Hardware present: false
Hardware enabled: false
Policy: 0x0
Enabled features: 0x0
Internal information: 0x0
Problems: 0x0
Additional information: 0x0 | 129 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2923 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor scheduler type is 0x1. | 2 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2922 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor successfully started. | 1 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2921 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The bootmgr spent 0 ms waiting for user input. | 32 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2920 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| There are 0x1 boot options on this system. | 18 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2919 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot menu policy was 0x0. | 25 | 0 | | 4 | 32 | 0 | -9223372036854775808 | 2918 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot type was 0x0. | 27 | 1 | | 4 | 33 | 0 | -9223372036854775808 | 2917 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The last shutdown's success status was true. The last boot's success status was true. | 20 | 0 | | 4 | 31 | 0 | -9223372036854775808 | 2916 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Virtualization Based Security (policies: VBS Enabled,VSM Required,Boot Chain Signer Soft Enforced) is enabled due to HyperV with status STATUS_SUCCESS. | 153 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2915 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system started at system time ?2021?-?07?-?08T17:06:04.491663100Z. | 12 | 0 | | 4 | 1 | 0 | -9223372036854775680 | 2914 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 8 | n-h2-799527-4.cbci-799527-4.local | S-1-5-18 | 7/8/2021 5:06:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system is shutting down at system time ?2021?-?07?-?08T17:05:57.598423500Z. | 13 | 0 | | 4 | 2 | 0 | -9223372036854775680 | 2913 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 3108 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:05:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->20.101.57.9:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2912 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1448 | 2444 | n-h2-799527-4.cbci-799527-4.local | S-1-5-19 | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The kernel power manager has initiated a shutdown transition.
Shutdown Reason: Kernel API | 109 | 0 | | 4 | 103 | 0 | -9223301668110597116 | 2911 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 688 | 692 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system uptime is 8 seconds. | 6013 | | 32768 | 4 | 0 | | 36028797018963968 | 2910 | EventLog | | System | | | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was started. | 6005 | | 32768 | 4 | 0 | | 36028797018963968 | 2909 | EventLog | | System | | | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Microsoft (R) Windows (R) 10.00. 14393 Multiprocessor Free. | 6009 | | 32768 | 4 | 0 | | 36028797018963968 | 2908 | EventLog | | System | | | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:06:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Desktop Services service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2907 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 2920 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Task Scheduler service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2906 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 2920 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Profile Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2905 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 2920 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Event Log service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2904 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 2920 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Volume Shadow Copy service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2903 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 2920 | n-h2-799527-4.cbci-799527-4.local | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Remote Management (WS-Management) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2902 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 2920 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Cryptographic Services service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2901 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 2920 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Certificate Propagation service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2900 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 2920 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The IKE and AuthIP IPsec Keying Modules service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2899 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 2920 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Connection Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2898 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 2920 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The State Repository Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2897 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 2920 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Transaction Coordinator service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2896 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 2920 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft iSCSI Target Server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2895 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 892 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Program Compatibility Assistant Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2894 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 892 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Management Instrumentation service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2893 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 892 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Font Cache Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2892 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 892 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Software Shadow Copy Provider service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2891 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 892 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DHCP Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2890 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 892 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is stopped. ShutDown Flag value is 1 | 50037 | 0 | | 4 | 4 | 69 | 2305843009213693952 | 2889 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 1440 | 1520 | n-h2-799527-4 | S-1-5-19 | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The IPsec Policy Agent service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2888 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 892 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Link Tracking Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2887 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 892 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Install Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2886 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 3148 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic Policy Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2885 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 2920 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic Service Host service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2884 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 3148 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Licensing Monitoring Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2883 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 3148 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic System Host service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2882 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 3148 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft iSCSI Initiator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2881 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1616 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Desktop Services UserMode Port Redirector service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2880 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 3656 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Time service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2879 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1312 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Plug and Play service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2878 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1056 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The HV Host Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2877 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1056 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2021?-?07?-?08T17:05:56.392000000Z from ?2021?-?07?-?08T17:05:56.407250100Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2876 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1448 | 1536 | n-h2-799527-4 | S-1-5-19 | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is stopped. ShutDown Flag value is 1 | 51047 | 0 | | 4 | 4 | 63 | 2305843009213693952 | 2875 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 1440 | 1584 | n-h2-799527-4 | S-1-5-19 | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected User Experiences and Telemetry service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2874 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1860 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was stopped. | 6006 | | 32768 | 4 | 0 | | 36028797018963968 | 2873 | EventLog | | System | | | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service is not listening for WS-Management requests.
User Action
If you did not intentionally stop the service, use the following command to see the WinRM configuration:
winrm enumerate winrm/config/listener | 10149 | 0 | 7 | 3 | 0 | 0 | 36028797018963968 | 2872 | Microsoft-Windows-WinRM | a7975c8f-ac13-49f1-87da-5a984a4ab417 | System | 0 | 0 | n-h2-799527-4 | | 7/8/2021 5:05:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Access Logging Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2871 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 5:05:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Volume Shadow Copy Requestor service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2870 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 5:05:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2869 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 5:05:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2868 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 5:05:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Virtual Machine Management service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2867 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1788 | n-h2-799527-4 | | 7/8/2021 5:05:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The process C:\windows\system32\shutdown.exe (N-H2-799527-4) has initiated the restart of computer N-H2-799527-4 on behalf of user N-H2-799527-4\Admin for the following reason: No title for this reason could be found
Reason Code: 0x800000ff
Shutdown Type: restart
Comment: Reboot initiated by Ansible | 1074 | 0 | 32768 | 4 | 0 | 0 | -9187343239835811840 | 2866 | User32 | b0aa8734-56f7-41cc-b2f4-de228e98b946 | System | 588 | 2852 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 5:05:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2865 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 5:05:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Netlogon service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2864 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 5:05:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The machine n-h2-799527-4 successfully joined the domain cbci-799527-4.local. | 4096 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2863 | NetJoin | 9741fd4e-3757-479f-a3c6-fc49f6d5edd0 | System | 1344 | 1376 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 5:05:51 PM | 00000000-0000-0000-0100-000000000000 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Connectivity Assistant service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2862 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 5:05:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| This computer has been successfully joined to domain 'cbci-799527-4.local'. | 3260 | | 0 | 4 | 0 | | 36028797018963968 | 2861 | Workstation | | System | | | n-h2-799527-4 | | 7/8/2021 5:05:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2860 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1004 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 5:05:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2859 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1004 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 5:05:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2858 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1004 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 5:05:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2857 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 5:05:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2856 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1788 | n-h2-799527-4 | | 7/8/2021 5:05:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2855 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1788 | n-h2-799527-4 | | 7/8/2021 5:02:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2854 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1788 | n-h2-799527-4 | | 7/8/2021 5:02:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2853 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1788 | n-h2-799527-4 | | 7/8/2021 4:57:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2852 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1788 | n-h2-799527-4 | | 7/8/2021 4:49:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2851 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 4:48:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2850 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 4:48:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The firewall exception to allow Internet Storage Name Server (iSNS) client functionality is not enabled. iSNS client functionality is not available. | 121 | | 0 | 3 | 0 | | 36028797018963968 | 2849 | MSiSCSI | | System | | | n-h2-799527-4 | | 7/8/2021 4:47:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft iSCSI Initiator Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2848 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1788 | n-h2-799527-4 | | 7/8/2021 4:47:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2847 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1788 | n-h2-799527-4 | | 7/8/2021 4:47:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2846 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1788 | n-h2-799527-4 | | 7/8/2021 4:47:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| If Digest support selected for iSCSI Session, Will use Processor support for Digest computation. | 67 | | 16384 | 4 | 0 | | 36028797018963968 | 2845 | iScsiPrt | | System | | | n-h2-799527-4 | | 7/8/2021 4:47:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2844 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1724 | n-h2-799527-4 | | 7/8/2021 4:47:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft iSCSI Initiator Service service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2843 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1724 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:47:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2842 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:47:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2841 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:47:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2840 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:47:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2839 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:47:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2838 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:47:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2837 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1004 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:46:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2836 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1004 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:46:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2835 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1004 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:46:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2834 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1004 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:46:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2833 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:46:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2832 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1004 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:45:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2831 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1004 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:45:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2830 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1004 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:45:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2829 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:45:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2828 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:45:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2827 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:45:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2826 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:44:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2825 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:43:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2824 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:43:41 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2823 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:43:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2822 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:43:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2821 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:43:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2820 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:43:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2819 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:43:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2818 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:43:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2817 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:42:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2816 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:42:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2815 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:42:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2814 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:42:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2813 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:42:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The State Repository Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2812 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1668 | n-h2-799527-4 | | 7/8/2021 4:42:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2811 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:42:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2810 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:42:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Registry service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2809 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:42:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The App Readiness service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2808 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:42:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2807 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:41:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WMI Performance Adapter service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2806 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:41:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Account Sign-in Assistant service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2805 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:41:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2804 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:40:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2803 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:39:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2802 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:39:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2801 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:38:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2800 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:38:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2799 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:38:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2798 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:37:43 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2797 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:37:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2796 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:37:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2795 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1668 | n-h2-799527-4 | | 7/8/2021 4:37:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2794 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:37:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2793 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:37:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2792 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:37:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2791 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:37:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2790 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:37:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2789 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:37:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2788 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:37:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2787 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:37:00 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2786 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:36:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2785 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:36:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2784 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:36:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2783 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:36:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Installer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2782 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:36:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2781 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:36:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2780 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:36:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2779 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1668 | n-h2-799527-4 | | 7/8/2021 4:36:27 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2778 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1668 | n-h2-799527-4 | | 7/8/2021 4:36:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2777 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:36:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2776 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:36:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2775 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:36:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2774 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:36:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2773 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1668 | n-h2-799527-4 | | 7/8/2021 4:36:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2772 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:35:58 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2771 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:35:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The dmwappushsvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2770 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1668 | n-h2-799527-4 | | 7/8/2021 4:35:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2769 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:35:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2768 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:35:50 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2767 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-20 | 7/8/2021 4:35:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2766 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-20 | 7/8/2021 4:35:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Biometric Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2765 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1668 | n-h2-799527-4 | | 7/8/2021 4:35:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WMI Performance Adapter service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2764 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1668 | n-h2-799527-4 | | 7/8/2021 4:35:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WMI Performance Adapter service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2763 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1668 | n-h2-799527-4 | | 7/8/2021 4:35:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WMI Performance Adapter service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2762 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1668 | n-h2-799527-4 | | 7/8/2021 4:35:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WMI Performance Adapter service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2761 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1668 | n-h2-799527-4 | | 7/8/2021 4:35:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2760 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:35:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2759 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:35:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2758 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:35:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2757 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1004 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:35:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2756 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:35:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2755 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:35:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Error Reporting Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2754 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:35:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2753 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:35:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2752 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:35:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->20.101.57.9:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2751 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1448 | 1524 | n-h2-799527-4 | S-1-5-19 | 7/8/2021 4:34:57 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2750 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:34:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2749 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:34:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->20.101.57.9:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2748 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1448 | 1552 | n-h2-799527-4 | S-1-5-19 | 7/8/2021 4:34:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2747 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:34:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->20.101.57.9:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2746 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1448 | 1548 | n-h2-799527-4 | S-1-5-19 | 7/8/2021 4:34:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2745 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1832 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:34:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->20.101.57.9:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2744 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1448 | 1544 | n-h2-799527-4 | S-1-5-19 | 7/8/2021 4:34:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{5D831AC3-A9AC-46EC-BC52-BFFCB79A98E5} (Friendly Name: Microsoft Hyper-V Network Adapter) successfully connected to port 917234B9-BA2B-480B-A11D-D60107E6BE66 (Friendly Name: br-data_External) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2743 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2488 | 2748 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:34:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{5D831AC3-A9AC-46EC-BC52-BFFCB79A98E5} (Friendly Name: Microsoft Hyper-V Network Adapter) is now operational. | 23 | 0 | | 4 | 1016 | 0 | -9223372036854775808 | 2742 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 1392 | n-h2-799527-4 | | 7/8/2021 4:34:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2741 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 1392 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:34:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC /DEVICE/{5D831AC3-A9AC-46EC-BC52-BFFCB79A98E5} (Friendly Name: Microsoft Hyper-V Network Adapter) is no longer operational. | 24 | 0 | | 4 | 1017 | 0 | -9223372036854775808 | 2740 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 1392 | n-h2-799527-4 | | 7/8/2021 4:34:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Protocol NIC /DEVICE/{5D831AC3-A9AC-46EC-BC52-BFFCB79A98E5} (Friendly Name: Microsoft Hyper-V Network Adapter) successfully bound to port (Friendly Name: ) on switch (Friendly Name: ). | 17 | 0 | | 4 | 1012 | 0 | -9223372036854775808 | 2739 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 1392 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:34:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Successfully updated NIC NDIS QoS with Miniport NIC /DEVICE/{5D831AC3-A9AC-46EC-BC52-BFFCB79A98E5} (Friendly Name: Microsoft Hyper-V Network Adapter) | 191 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2738 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 1392 | n-h2-799527-4 | | 7/8/2021 4:34:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic /DEVICE/{5D831AC3-A9AC-46EC-BC52-BFFCB79A98E5} (Friendly Name: ). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2737 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 4 | 1392 | n-h2-799527-4 | | 7/8/2021 4:34:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Initialization failed because the driver device could not be created. Use the string "FA163E4272B3" to identify the interface for which initialization failed. It represents the MAC address of the failed interface or the Globally Unique Interface Identifier (GUID) if NetBT was unable to map from GUID to MAC address. If neither the MAC address nor the GUID were available, the string represents a cluster device name. | 4311 | | 49152 | 2 | 0 | | 36028797018963968 | 2736 | NetBT | | System | | | n-h2-799527-4 | | 7/8/2021 4:34:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2735 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 2292 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:34:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2734 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 2840 | 2032 | n-h2-799527-4 | | 7/8/2021 4:34:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2733 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 2292 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:34:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' is halting | 6 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2732 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 3516 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:34:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Isatap interface isatap.openstacklocal is no longer active. | 4201 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2731 | Microsoft-Windows-Iphlpsvc | 66a5c15c-4f8e-4044-bf6e-71d896038977 | System | 592 | 1980 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:34:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' paused | 10 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2730 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 3516 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:34:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Switch D117DDB1-9F87-487B-A234-E139AC0C3B47 (Friendly Name: br-data) successfully initialized. | 9 | 0 | | 4 | 1005 | 0 | -9223372036854775808 | 2729 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2488 | 3400 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:34:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NIC D117DDB1-9F87-487B-A234-E139AC0C3B47 (Friendly Name: br-data) successfully connected to port D117DDB1-9F87-487B-A234-E139AC0C3B47 (Friendly Name: br-data) on switch D117DDB1-9F87-487B-A234-E139AC0C3B47(Friendly Name: br-data). | 232 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2728 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2488 | 3400 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:34:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operation 'Create' succeeded on nic D117DDB1-9F87-487B-A234-E139AC0C3B47 (Friendly Name: br-data). | 233 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2727 | Microsoft-Windows-Hyper-V-VmSwitch | 67dc0d66-3695-47c0-9642-33f76f7bd7ad | System | 2488 | 3400 | n-h2-799527-4 | | 7/8/2021 4:34:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management concluded the process to install driver wvms_mp.inf_amd64_e1065995a017ab1b\wvms_mp.inf for Device Instance ID ROOT\VMS_VSMP\0000 with the following status: 0x0. | 20001 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2726 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 3644 | 3880 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:34:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A service was installed in the system.
Service Name: VMSMP
Service File Name: \SystemRoot\System32\drivers\vmswitch.sys
Service Type: kernel mode driver
Service Start Type: demand start
Service Account: | 7045 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2725 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 872 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:34:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2724 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:34:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the neutron-hyperv-agent service was changed from auto start to demand start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2723 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:34:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A service was installed in the system.
Service Name: neutron-hyperv-agent
Service File Name: c:\openstack\bin\OpenStackService.exe neutron-hyperv-agent c:\python37\scripts\neutron-hyperv-agent.exe --config-file c:\openstack\etc\neutron-hyperv-agent.conf
Service Type: user mode service
Service Start Type: auto start
Service Account: LocalSystem | 7045 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2722 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:34:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the nova-compute service was changed from auto start to demand start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2721 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 872 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:34:37 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A service was installed in the system.
Service Name: nova-compute
Service File Name: c:\openstack\bin\OpenStackService.exe nova-compute c:\python37\scripts\nova-compute.exe --config-file c:\openstack\etc\nova.conf
Service Type: user mode service
Service Start Type: auto start
Service Account: LocalSystem | 7045 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2720 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1724 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:34:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2719 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:34:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The IKE and AuthIP IPsec Keying Modules service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2718 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 872 | n-h2-799527-4 | | 7/8/2021 4:34:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the IKE and AuthIP IPsec Keying Modules service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2717 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 872 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:34:33 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2716 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:34:29 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2715 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1724 | n-h2-799527-4 | | 7/8/2021 4:34:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Downloaded Maps Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2714 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1724 | n-h2-799527-4 | | 7/8/2021 4:34:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Insider Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2713 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1724 | n-h2-799527-4 | | 7/8/2021 4:34:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Portable Device Enumerator Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2712 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1724 | n-h2-799527-4 | | 7/8/2021 4:34:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2711 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:34:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Access Logging Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2710 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 872 | n-h2-799527-4 | | 7/8/2021 4:34:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2709 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:34:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Transaction Coordinator service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2708 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 872 | n-h2-799527-4 | | 7/8/2021 4:34:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Downloaded Maps Manager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2707 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 4:34:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic Service Host service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2706 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 4:34:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic System Host service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2705 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 4:34:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic Policy Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2704 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 4:34:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected Devices Platform Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2703 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 4:34:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2702 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:34:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2701 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 2096 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:33:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The UsoSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2700 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1724 | n-h2-799527-4 | | 7/8/2021 4:33:26 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WMI Performance Adapter service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2699 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1724 | n-h2-799527-4 | | 7/8/2021 4:33:21 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The sppsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2698 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1724 | n-h2-799527-4 | | 7/8/2021 4:33:19 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wisvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2697 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 4:33:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Defender Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Run the configured recovery program. | 7031 | 0 | 49152 | 2 | 0 | 0 | -9187343239835811840 | 2696 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1724 | n-h2-799527-4 | | 7/8/2021 4:33:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Application popup: Windows - Bad Image : Exception Processing Message 0xc000007b Parameters 0x7ffeb3ce1d28 0xffffffffc0000428 0x7ffeb3ce1d28 0x7ffeb3ce1d28 | 26 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2695 | Application Popup | 47bfa2b7-bd54-4fac-b70b-29021084ca8f | System | 588 | 1760 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:33:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The StateRepository service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2694 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1724 | n-h2-799527-4 | | 7/8/2021 4:33:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2021?-?07?-?08T16:33:08.301000000Z from ?2021?-?07?-?08T16:33:08.312220000Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2693 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1448 | 1536 | n-h2-799527-4 | S-1-5-19 | 7/8/2021 4:33:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Error Reporting Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2692 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 872 | n-h2-799527-4 | | 7/8/2021 4:33:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2691 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1016 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:33:05 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The cloudbase-init service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2690 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1724 | n-h2-799527-4 | | 7/8/2021 4:32:59 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PolicyAgent service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2689 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 4:32:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| SSL Certificate Settings created by an admin process for endpoint : 0.0.0.0:5986 . | 15301 | 0 | 32768 | 3 | 0 | 0 | 36028797018963968 | 2688 | Microsoft-Windows-HttpEvent | 7b6bc78c-898b-4170-bbf8-1a469ea43fc5 | System | 4 | 32 | n-h2-799527-4 | | 7/8/2021 4:32:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Reservation for namespace identified by URL prefix https://+:5986/wsman/ was successfully added. | 15007 | 0 | 16384 | 4 | 0 | 0 | 36028797018963968 | 2687 | Microsoft-Windows-HttpEvent | 7b6bc78c-898b-4170-bbf8-1a469ea43fc5 | System | 4 | 32 | n-h2-799527-4 | | 7/8/2021 4:32:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Reservation for namespace identified by URL prefix https://+:5986/wsman/ was successfully deleted. | 15008 | 0 | 16384 | 4 | 0 | 0 | 36028797018963968 | 2686 | Microsoft-Windows-HttpEvent | 7b6bc78c-898b-4170-bbf8-1a469ea43fc5 | System | 4 | 32 | n-h2-799527-4 | | 7/8/2021 4:32:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vds service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2685 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 4:32:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service stopped. | 4 | | 16896 | 4 | 0 | | 36028797018963968 | 2684 | Virtual Disk Service | | System | | | n-h2-799527-4 | | 7/8/2021 4:32:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vds service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2683 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 4:32:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service started. | 3 | | 16896 | 4 | 0 | | 36028797018963968 | 2682 | Virtual Disk Service | | System | | | n-h2-799527-4 | | 7/8/2021 4:32:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\Admin SID (S-1-5-21-4222169502-1604480520-1616450151-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2681 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1001 | 7/8/2021 4:32:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TrustedInstaller service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2680 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 4:32:25 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TBS device identifier has been generated. | 1282 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2679 | Microsoft-Windows-TPM-WMI | 7d5387b0-cbe0-11da-a94d-0800200c9a66 | System | 2236 | 2356 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:32:24 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time service is now synchronizing the system time with the time source time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->20.101.57.9:123). | 35 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2678 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1448 | 1556 | n-h2-799527-4 | S-1-5-19 | 7/8/2021 4:32:23 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LicenseManager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2677 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1724 | n-h2-799527-4 | | 7/8/2021 4:32:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| This event triggers the TBS device identifier generation. | 1281 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2676 | Microsoft-Windows-TPM-WMI | 7d5387b0-cbe0-11da-a94d-0800200c9a66 | System | 592 | 3032 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:32:20 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\cloudbase-init SID (S-1-5-21-4222169502-1604480520-1616450151-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2675 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1636 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1000 | 7/8/2021 4:32:18 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2674 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 872 | n-h2-799527-4 | | 7/8/2021 4:32:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcaSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2673 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 872 | n-h2-799527-4 | | 7/8/2021 4:32:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy settings for the computer were processed successfully. New settings from 1 Group Policy objects were detected and applied. | 1502 | 0 | | 4 | 0 | 1 | -9223372036854775808 | 2672 | Microsoft-Windows-GroupPolicy | aea1b4fa-97d1-45f2-a64c-4d69fffd92c9 | System | 592 | 4024 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:32:17 PM | 680ca4ab-3477-4c66-8f19-526ccdb44049 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Start | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The swprv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2671 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 872 | n-h2-799527-4 | | 7/8/2021 4:32:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Isatap interface isatap.openstacklocal with address fe80::5efe:10.222.0.21 has been brought up. | 4200 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2670 | Microsoft-Windows-Iphlpsvc | 66a5c15c-4f8e-4044-bf6e-71d896038977 | System | 592 | 2872 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:32:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Isatap interface isatap.openstacklocal with address fe80::5efe:192.168.0.67 has been brought up. | 4200 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2669 | Microsoft-Windows-Iphlpsvc | 66a5c15c-4f8e-4044-bf6e-71d896038977 | System | 592 | 2872 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:32:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wuauserv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2668 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 872 | n-h2-799527-4 | | 7/8/2021 4:32:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The cloudbase-init service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2667 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 872 | n-h2-799527-4 | | 7/8/2021 4:32:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user N-H2-799527-4\cloudbase-init SID (S-1-5-21-4222169502-1604480520-1616450151-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2666 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 960 | 1016 | n-h2-799527-4 | S-1-5-21-4222169502-1604480520-1616450151-1000 | 7/8/2021 4:32:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The KeyIso service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2665 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 4:32:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SessionEnv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2664 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 4:32:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Certificate Propagation service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2663 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 4:32:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The UmRdpService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2662 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-799527-4 | | 7/8/2021 4:32:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TermService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2661 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1788 | n-h2-799527-4 | | 7/8/2021 4:32:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the cloudbase-init service was changed from demand start to auto start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2660 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1788 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:32:10 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| A new self signed certificate to be used for RD Session Host Server authentication on SSL connections was generated. The name on this certificate is n-h2-799527-4. The SHA1 hash of the certificate is in the event data. | 1056 | 0 | 49152 | 4 | 0 | 0 | 36028797018963968 | 2659 | Microsoft-Windows-TerminalServices-RemoteConnectionManager | c76baa63-ae81-421c-b425-340b4b24157f | System | 0 | 0 | n-h2-799527-4 | | 7/8/2021 4:32:11 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmcompute service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2658 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1788 | n-h2-799527-4 | | 7/8/2021 4:32:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DmEnrollmentSvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2657 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1788 | n-h2-799527-4 | | 7/8/2021 4:32:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DmEnrollmentSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2656 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1788 | n-h2-799527-4 | | 7/8/2021 4:32:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2655 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 384 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:32:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wlidsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2654 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1788 | n-h2-799527-4 | | 7/8/2021 4:32:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (Version 10.0, ?1978?-?03?-?07T02:59:33.000000000Z) unloaded successfully. | 1 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2653 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 512 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:32:09 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WpnService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2652 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-799527-4 | | 7/8/2021 4:32:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The iphlpsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2651 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-799527-4 | | 7/8/2021 4:32:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinDefend service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2650 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-799527-4 | | 7/8/2021 4:32:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DiagTrack service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2649 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-799527-4 | | 7/8/2021 4:32:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmms service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2648 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1788 | n-h2-799527-4 | | 7/8/2021 4:32:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The following boot-start or system-start driver(s) did not load:
dam | 7026 | 0 | 49152 | 4 | 0 | 0 | -9187343239835811840 | 2647 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 804 | n-h2-799527-4 | | 7/8/2021 4:32:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2646 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 884 | n-h2-799527-4 | | 7/8/2021 4:32:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanServer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2645 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1788 | n-h2-799527-4 | | 7/8/2021 4:32:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->20.101.57.9:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2644 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1448 | 1544 | n-h2-799527-4 | S-1-5-19 | 7/8/2021 4:32:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WLMS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2643 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1668 | n-h2-799527-4 | | 7/8/2021 4:32:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PcaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2642 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1796 | n-h2-799527-4 | | 7/8/2021 4:32:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RemoteRegistry service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2641 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1652 | n-h2-799527-4 | | 7/8/2021 4:32:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TrkWks service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2640 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 2532 | n-h2-799527-4 | | 7/8/2021 4:32:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Spooler service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2639 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1672 | n-h2-799527-4 | | 7/8/2021 4:32:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service is listening for WS-Management requests.
User Action
Use the following command to see the specific IPs on which WinRM is listening:
winrm enumerate winrm/config/listener | 10148 | 0 | 7 | 4 | 0 | 0 | 36028797018963968 | 2638 | Microsoft-Windows-WinRM | a7975c8f-ac13-49f1-87da-5a984a4ab417 | System | 0 | 0 | n-h2-799527-4 | | 7/8/2021 4:32:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SamSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2637 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:32:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MpsSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2636 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:32:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BFE service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2635 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:32:08 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanWorkstation service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2634 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WbioSrvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2633 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1664 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The FontCache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2632 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1664 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Wcmsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2631 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wudfsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2630 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ShellHWDetection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2629 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The UserManager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2628 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TimeBrokerSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2627 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1668 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinTarget service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2626 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1668 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Schedule service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2625 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1724 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Winmgmt service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2624 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1724 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VSS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2623 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1664 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SENS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2622 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1664 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicheartbeat service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2621 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1664 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicrdv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2620 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1664 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WPDBusEnum service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2619 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventSystem service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2618 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1724 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicvss service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2617 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1724 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The gpsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2616 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1724 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Themes service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2615 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1724 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'storqosflt' (10.0, ?2018?-?01?-?01T04:48:05.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2614 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 228 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinHttpAutoProxySvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2613 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'luafv' (10.0, ?2017?-?11?-?01T22:09:40.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2612 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 228 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NcbService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2611 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1668 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicshutdown service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2610 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1668 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'wcifs' (10.0, ?2018?-?01?-?01T04:48:57.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2609 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 228 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2021?-?07?-?08T16:32:07.121000000Z from ?2021?-?07?-?08T16:32:07.323037900Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2608 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1440 | 1956 | n-h2-799527-4 | S-1-5-19 | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmickvpexchange service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2607 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmictimesync service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2606 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 888 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DsmSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2605 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1648 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ProfSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2604 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1664 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppReadiness service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2603 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1672 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The netprofm service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2602 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1672 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dnscache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2601 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1660 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The HvHost service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2600 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1660 | n-h2-799527-4 | | 7/8/2021 4:32:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The lmhosts service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2599 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:32:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NlaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2598 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1668 | n-h2-799527-4 | | 7/8/2021 4:32:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BrokerInfrastructure service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2597 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1596 | n-h2-799527-4 | | 7/8/2021 4:32:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dhcp service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2596 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 1596 | n-h2-799527-4 | | 7/8/2021 4:32:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is started | 51046 | 0 | | 4 | 4 | 62 | 2305843009213693952 | 2595 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 1440 | 1584 | n-h2-799527-4 | S-1-5-19 | 7/8/2021 4:32:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The W32Time service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2594 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 892 | n-h2-799527-4 | | 7/8/2021 4:32:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is started | 50036 | 0 | | 4 | 4 | 68 | 2305843009213693952 | 2593 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 1440 | 1520 | n-h2-799527-4 | S-1-5-19 | 7/8/2021 4:32:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The nsi service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2592 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 892 | n-h2-799527-4 | | 7/8/2021 4:32:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventLog service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2591 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 892 | n-h2-799527-4 | | 7/8/2021 4:32:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CryptSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2590 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:32:03 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Successfully logged OS information | 2004 | 0 | | 4 | 4000 | 0 | 2305983746702049280 | 2589 | Microsoft-Windows-Setup | 75ebc33e-997f-49cf-b49f-ecc50184b75d | System | 1188 | 1192 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:32:01 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | OS information | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The tiledatamodelsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2588 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:31:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppXSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2587 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:31:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The StateRepository service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2586 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:31:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The dmwappushservice service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2585 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:31:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CoreMessagingRegistrar service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2584 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:31:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetSetupSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2583 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 892 | n-h2-799527-4 | | 7/8/2021 4:31:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DeviceInstall service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2582 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:31:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SystemEventsBroker service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2581 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:31:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The sppsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2580 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:31:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LSM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2579 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:31:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2578 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 896 | n-h2-799527-4 | | 7/8/2021 4:31:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcEptMapper service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2577 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 892 | n-h2-799527-4 | | 7/8/2021 4:31:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DcomLaunch service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2576 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 892 | n-h2-799527-4 | | 7/8/2021 4:31:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Power service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2575 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 892 | n-h2-799527-4 | | 7/8/2021 4:31:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PlugPlay service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2574 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 800 | 892 | n-h2-799527-4 | | 7/8/2021 4:31:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Remote calls to the SAM database are being restricted using the default security descriptor: O:SYG:SYD:(A;;RC;;;BA).
For more information please see http://go.microsoft.com/fwlink/?LinkId=787651. | 16962 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2573 | Microsoft-Windows-Directory-Services-SAM | 0d4fdc09-8c27-494a-bda0-505e4fd8adae | System | 816 | 820 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:53 PM | bf2f0278-7416-0000-7d02-2fbf1674d701 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Credential Guard (LsaIso.exe) configuration: 0x0, 0 | 14 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 2572 | Microsoft-Windows-Wininit | 206f6dea-d3c5-4d10-bc72-989f03c8b84b | System | 688 | 692 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2571 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 508 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2570 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 228 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2569 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 228 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter #2' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2568 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 384 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2567 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | n-h2-799527-4 | | 7/8/2021 4:31:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2566 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | n-h2-799527-4 | | 7/8/2021 4:31:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 5 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2565 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 4 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2564 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 3 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2563 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 2 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2562 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 1 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2561 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 0 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2560 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2559 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 228 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2558 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 384 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:49 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system has been constrained to a periodic tick
Reason: No HW support. | 508 | 0 | | 4 | 159 | 0 | -9223372036854774780 | 2557 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 8 | n-h2-799527-4 | | 7/8/2021 4:31:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Connectivity state in standby: Disconnected, Reason: NIC compliance | 172 | 0 | | 4 | 203 | 0 | -9223372036854774780 | 2556 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 228 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'npsvctrig' (10.0, ?2016?-?07?-?16T02:28:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2555 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The service entered the Driver load complete state. | 7036 | | 16384 | 4 | 0 | | 36028797018963968 | 2554 | VfpExt | | System | | | n-h2-799527-4 | | 7/8/2021 4:31:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'FileCrypt' (10.0, ?2016?-?07?-?16T02:22:39.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2553 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Volume C: (\Device\HarddiskVolume1) is healthy. No action is needed. | 98 | 0 | | 4 | 0 | 0 | -9223372036854775806 | 2552 | Microsoft-Windows-Ntfs | 3ff37a1c-a68d-4d6e-8c9b-f79e8b16c482 | System | 4 | 188 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2551 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'Wof' (10.0, ?2017?-?10?-?09T01:58:20.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2550 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Secure Kernel started with status STATUS_SUCCESS and flags 0. | 3 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2549 | Microsoft-Windows-IsolatedUserMode | 73a33ab2-1966-4999-8add-868c41415269 | System | 4 | 8 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor initialized I/O remapping.
Hardware present: false
Hardware enabled: false
Policy: 0x0
Enabled features: 0x0
Internal information: 0x0
Problems: 0x0
Additional information: 0x0 | 129 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2548 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor scheduler type is 0x1. | 2 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2547 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor successfully started. | 1 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2546 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The bootmgr spent 0 ms waiting for user input. | 32 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2545 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| There are 0x1 boot options on this system. | 18 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2544 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot menu policy was 0x0. | 25 | 0 | | 4 | 32 | 0 | -9223372036854775808 | 2543 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot type was 0x0. | 27 | 1 | | 4 | 33 | 0 | -9223372036854775808 | 2542 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The last shutdown's success status was true. The last boot's success status was true. | 20 | 0 | | 4 | 31 | 0 | -9223372036854775808 | 2541 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Virtualization Based Security (policies: VBS Enabled,VSM Required,Boot Chain Signer Soft Enforced) is enabled due to HyperV with status STATUS_SUCCESS. | 153 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2540 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system started at system time ?2021?-?07?-?08T16:31:47.489334100Z. | 12 | 0 | | 4 | 1 | 0 | -9223372036854775680 | 2539 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 8 | n-h2-799527-4 | S-1-5-18 | 7/8/2021 4:31:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system is shutting down at system time ?2021?-?07?-?08T16:31:40.362054600Z. | 13 | 0 | | 4 | 2 | 0 | -9223372036854775680 | 2538 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 2432 | n-h2-799527-4 | | 7/8/2021 4:31:40 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The kernel power manager has initiated a shutdown transition.
Shutdown Reason: Kernel API | 109 | 0 | | 4 | 103 | 0 | -9223301668110597116 | 2537 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 692 | 696 | n-h2-799527-4 | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Event Log service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2536 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 900 | n-h2-799527-4 | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Defender Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2535 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 900 | n-h2-799527-4 | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Task Scheduler service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2534 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 900 | n-h2-799527-4 | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system uptime is 19 seconds. | 6013 | | 32768 | 4 | 0 | | 36028797018963968 | 2533 | EventLog | | System | | | n-h2-799527-4 | | 7/8/2021 4:32:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was started. | 6005 | | 32768 | 4 | 0 | | 36028797018963968 | 2532 | EventLog | | System | | | n-h2-799527-4 | | 7/8/2021 4:32:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Microsoft (R) Windows (R) 10.00. 14393 Multiprocessor Free. | 6009 | | 32768 | 4 | 0 | | 36028797018963968 | 2531 | EventLog | | System | | | n-h2-799527-4 | | 7/8/2021 4:32:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetBIOS name and DNS host name of this machine have been changed from WIN-FL93SK7N03P to N-H2-799527-4. | 6011 | | 32768 | 4 | 0 | | 36028797018963968 | 2530 | EventLog | | System | | | n-h2-799527-4 | | 7/8/2021 4:32:06 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Remote Management (WS-Management) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2529 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 900 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Connection Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2528 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 900 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The State Repository Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2527 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1292 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Cryptographic Services service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2526 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1292 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Font Cache Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2525 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1292 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Volume Shadow Copy service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2524 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1292 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Profile Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2523 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1292 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2522 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1292 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Program Compatibility Assistant Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2521 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1292 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Management Instrumentation service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2520 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1292 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2519 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 900 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DHCP Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2518 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1404 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is stopped. ShutDown Flag value is 1 | 50037 | 0 | | 4 | 4 | 69 | 2305843009213693952 | 2517 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 1304 | 1580 | WIN-5T344G8GM1H | S-1-5-19 | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is stopped. ShutDown Flag value is 1 | 51047 | 0 | | 4 | 4 | 63 | 2305843009213693952 | 2516 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 1304 | 1676 | WIN-5T344G8GM1H | S-1-5-19 | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Time service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2515 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1404 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2021?-?07?-?08T16:31:39.678000000Z from ?2021?-?07?-?08T16:31:39.698832700Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2514 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1492 | 2236 | WIN-5T344G8GM1H | S-1-5-19 | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Licensing Monitoring Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2513 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1404 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Link Tracking Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2512 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1404 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Install Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2511 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1260 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Device Setup Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2510 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 876 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Plug and Play service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2509 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1276 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The HV Host Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2508 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 876 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected User Experiences and Telemetry service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2507 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1264 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was stopped. | 6006 | | 32768 | 4 | 0 | | 36028797018963968 | 2506 | EventLog | | System | | | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service is not listening for WS-Management requests.
User Action
If you did not intentionally stop the service, use the following command to see the WinRM configuration:
winrm enumerate winrm/config/listener | 10149 | 0 | 7 | 3 | 0 | 0 | 36028797018963968 | 2505 | Microsoft-Windows-WinRM | a7975c8f-ac13-49f1-87da-5a984a4ab417 | System | 0 | 0 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Volume Shadow Copy Requestor service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2504 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1264 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2503 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1264 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2502 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1292 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Virtual Machine Management service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2501 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1292 | WIN-5T344G8GM1H | | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The process C:\windows\system32\winlogon.exe (WIN-5T344G8GM1H) has initiated the restart of computer WIN-FL93SK7N03P on behalf of user NT AUTHORITY\SYSTEM for the following reason: Operating System: Upgrade (Planned)
Reason Code: 0x80020003
Shutdown Type: restart
Comment: | 1074 | 0 | 32768 | 4 | 0 | 0 | -9187343239835811840 | 2500 | User32 | b0aa8734-56f7-41cc-b2f4-de228e98b946 | System | 600 | 1312 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:31:39 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Virtual Disk service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2499 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1292 | WIN-5T344G8GM1H | | 7/8/2021 4:31:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service stopped. | 4 | | 16896 | 4 | 0 | | 36028797018963968 | 2498 | Virtual Disk Service | | System | | | WIN-5T344G8GM1H | | 7/8/2021 4:31:38 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Defender Network Inspection Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2497 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1264 | WIN-5T344G8GM1H | | 7/8/2021 4:31:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Defender Network Inspection Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2496 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1264 | WIN-5T344G8GM1H | | 7/8/2021 4:31:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Virtual Disk service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2495 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1264 | WIN-5T344G8GM1H | | 7/8/2021 4:31:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Service started. | 3 | | 16896 | 4 | 0 | | 36028797018963968 | 2494 | Virtual Disk Service | | System | | | WIN-5T344G8GM1H | | 7/8/2021 4:31:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2493 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1264 | WIN-5T344G8GM1H | | 7/8/2021 4:31:16 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hive \??\C:\windows\System32\SMI\Store\Machine\SCHEMA.DAT was reorganized with a starting size of 12853248 bytes and an ending size of 11681792 bytes. | 15 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2492 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1184 | 1188 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:31:07 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hive \??\C:\windows\System32\config\COMPONENTS was reorganized with a starting size of 71872512 bytes and an ending size of 56864768 bytes. | 15 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2491 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1184 | 1188 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:31:04 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time service is now synchronizing the system time with the time source time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->20.101.57.9:123). | 35 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2490 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1492 | 1520 | WIN-5T344G8GM1H | S-1-5-19 | 7/8/2021 4:31:02 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Windows.PrintDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2489 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1040 | 2944 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:56 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Windows.MiracastView_6.3.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2488 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1040 | 2944 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2487 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1040 | 2944 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxGameCallableUI_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2486 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1040 | 2944 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.1715_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2485 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1040 | 2944 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.SecondaryTileExperience_10.0.0.0_neutral__cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2484 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1040 | 2944 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:55 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2483 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1040 | 2944 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.CloudExperienceHost_10.0.14393.1066_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2482 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1040 | 2944 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.AssignedAccessLockApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2481 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1040 | 2944 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Apprep.ChxApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2480 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1040 | 2944 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:54 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2479 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1040 | 2944 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.BioEnrollment_10.0.14393.0_neutral__cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2478 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1040 | 2944 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.1715_neutral__cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2477 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1040 | 2944 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat was cleared updating 0 keys and creating 0 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2476 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1040 | 2936 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:53 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\windows\AppCompat\Programs\Amcache.hve was cleared updating 629 keys and creating 196 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2475 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 2084 | 2472 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:52 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management concluded the process to install driver msports.inf_amd64_280f71b0b084cc3b\msports.inf for Device Instance ID ACPI\PNP0501\1 with the following status: 0x0. | 20001 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2474 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2624 | 2648 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management has concluded the process to add Service Serenum for Device Instance ID ACPI\PNP0501\1 with the following status: 0. | 20003 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2473 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2624 | 2648 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management has concluded the process to add Service Serial for Device Instance ID ACPI\PNP0501\1 with the following status: 0. | 20003 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2472 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2624 | 2648 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management concluded the process to install driver msports.inf_amd64_280f71b0b084cc3b\msports.inf for Device Instance ID ACPI\PNP0501\2 with the following status: 0x0. | 20001 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2471 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2584 | 2620 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management has concluded the process to add Service Serenum for Device Instance ID ACPI\PNP0501\2 with the following status: 0. | 20003 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2470 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2584 | 2620 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management has concluded the process to add Service Serial for Device Instance ID ACPI\PNP0501\2 with the following status: 0. | 20003 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2469 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2584 | 2620 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:51 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management concluded the process to install driver wvmbusvideo.inf_amd64_1f06cc897822eef5\wvmbusvideo.inf for Device Instance ID VMBUS\{DA0A7802-E377-4AAC-8E77-0558EB1073F8}\{5620E0C7-8062-4DCE-AEB7-520C7EF76171} with the following status: 0x0. | 20001 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2468 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2576 | 2616 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Driver Management has concluded the process to add Service HyperVideo for Device Instance ID VMBUS\{DA0A7802-E377-4AAC-8E77-0558EB1073F8}\{5620E0C7-8062-4DCE-AEB7-520C7EF76171} with the following status: 0. | 20003 | 0 | | 4 | 7005 | 0 | -9223372036854775808 | 2467 | Microsoft-Windows-UserPnp | 96f4a050-7e31-453c-88be-9634f4e02139 | System | 2576 | 2616 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The time provider NtpClient is currently receiving valid time data from time.windows.com,0x8 (ntp.m|0x8|0.0.0.0:123->20.101.57.9:123). | 37 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2466 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1492 | 1524 | WIN-5T344G8GM1H | S-1-5-19 | 7/8/2021 4:30:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmcompute service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2465 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | WIN-5T344G8GM1H | | 7/8/2021 4:30:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wlidsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2464 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1264 | WIN-5T344G8GM1H | | 7/8/2021 4:30:48 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2463 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 136 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (Version 10.0, ?1978?-?03?-?07T02:59:33.000000000Z) unloaded successfully. | 1 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2462 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 2432 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinDefend service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2461 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | WIN-5T344G8GM1H | | 7/8/2021 4:30:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinTarget service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2460 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | WIN-5T344G8GM1H | | 7/8/2021 4:30:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmms service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2459 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | WIN-5T344G8GM1H | | 7/8/2021 4:30:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The following boot-start or system-start driver(s) did not load:
dam | 7026 | 0 | 49152 | 4 | 0 | 0 | -9187343239835811840 | 2458 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 808 | WIN-5T344G8GM1H | | 7/8/2021 4:30:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DiagTrack service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2457 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | WIN-5T344G8GM1H | | 7/8/2021 4:30:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2456 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | WIN-5T344G8GM1H | | 7/8/2021 4:30:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WpnService service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2455 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 884 | WIN-5T344G8GM1H | | 7/8/2021 4:30:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanServer service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2454 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1292 | WIN-5T344G8GM1H | | 7/8/2021 4:30:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The iphlpsvc service terminated with the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. | 7023 | 0 | 49152 | 2 | 0 | 0 | -9187343239835811840 | 2453 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1292 | WIN-5T344G8GM1H | | 7/8/2021 4:30:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The iphlpsvc service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2452 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1292 | WIN-5T344G8GM1H | | 7/8/2021 4:30:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CryptSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2451 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1292 | WIN-5T344G8GM1H | | 7/8/2021 4:30:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WLMS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2450 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1292 | WIN-5T344G8GM1H | | 7/8/2021 4:30:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RemoteRegistry service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2449 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1404 | WIN-5T344G8GM1H | | 7/8/2021 4:30:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The W32Time service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2448 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 900 | WIN-5T344G8GM1H | | 7/8/2021 4:30:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PcaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2447 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1396 | WIN-5T344G8GM1H | | 7/8/2021 4:30:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TrkWks service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2446 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1344 | WIN-5T344G8GM1H | | 7/8/2021 4:30:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Spooler service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2445 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 2080 | WIN-5T344G8GM1H | | 7/8/2021 4:30:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The UserManager service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2444 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1392 | WIN-5T344G8GM1H | | 7/8/2021 4:30:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The MpsSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2443 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1400 | WIN-5T344G8GM1H | | 7/8/2021 4:30:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SamSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2442 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1344 | WIN-5T344G8GM1H | | 7/8/2021 4:30:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TimeBrokerSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2441 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1280 | WIN-5T344G8GM1H | | 7/8/2021 4:30:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinRM service is listening for WS-Management requests.
User Action
Use the following command to see the specific IPs on which WinRM is listening:
winrm enumerate winrm/config/listener | 10148 | 0 | 7 | 4 | 0 | 0 | 36028797018963968 | 2440 | Microsoft-Windows-WinRM | a7975c8f-ac13-49f1-87da-5a984a4ab417 | System | 0 | 0 | WIN-5T344G8GM1H | | 7/8/2021 4:30:47 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BFE service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2439 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1400 | WIN-5T344G8GM1H | | 7/8/2021 4:30:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinHttpAutoProxySvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2438 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1404 | WIN-5T344G8GM1H | | 7/8/2021 4:30:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LanmanWorkstation service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2437 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1400 | WIN-5T344G8GM1H | | 7/8/2021 4:30:46 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WbioSrvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2436 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1280 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The FontCache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2435 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1280 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Wcmsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2434 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1280 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The wudfsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2433 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1280 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ShellHWDetection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2432 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1280 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dnscache service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2431 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1280 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Schedule service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2430 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1280 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WinTarget service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2429 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1400 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The netprofm service terminated with the following error:
The device is not ready. | 7023 | 0 | 49152 | 2 | 0 | 0 | -9187343239835811840 | 2428 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1400 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The netprofm service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2427 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1400 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NlaSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2426 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1404 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SENS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2425 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1392 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Winmgmt service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2424 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1392 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VSS service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2423 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1392 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Dhcp service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2422 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1404 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is started | 51046 | 0 | | 4 | 4 | 62 | 2305843009213693952 | 2421 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 1304 | 1676 | WIN-5T344G8GM1H | S-1-5-19 | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is started | 50036 | 0 | | 4 | 4 | 68 | 2305843009213693952 | 2420 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 1304 | 1580 | WIN-5T344G8GM1H | S-1-5-19 | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStart | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The gpsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2419 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1404 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The ProfSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2418 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1404 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicheartbeat service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2417 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1404 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The WPDBusEnum service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2416 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1404 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicrdv service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2415 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1404 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The nsi service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2414 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1404 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventLog service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2413 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1404 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicvss service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2412 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1392 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The EventSystem service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2411 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1392 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Themes service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2410 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1264 | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'storqosflt' (10.0, ?2018?-?01?-?01T04:48:05.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2409 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 568 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'wcifs' (10.0, ?2018?-?01?-?01T04:48:57.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2408 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 568 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'luafv' (10.0, ?2017?-?11?-?01T22:09:40.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2407 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 568 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2021?-?07?-?08T16:30:45.320000000Z from ?2021?-?07?-?08T16:30:44.362943700Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2406 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1304 | 1440 | WIN-5T344G8GM1H | S-1-5-19 | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmickvpexchange service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2405 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1280 | WIN-5T344G8GM1H | | 7/8/2021 4:30:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmictimesync service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2404 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1280 | WIN-5T344G8GM1H | | 7/8/2021 4:30:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The vmicshutdown service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2403 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1416 | WIN-5T344G8GM1H | | 7/8/2021 4:30:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The HvHost service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2402 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 892 | WIN-5T344G8GM1H | | 7/8/2021 4:30:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The lmhosts service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2401 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1340 | WIN-5T344G8GM1H | | 7/8/2021 4:30:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DsmSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2400 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 1344 | WIN-5T344G8GM1H | | 7/8/2021 4:30:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \SystemRoot\System32\Config\BBI was cleared updating 10 keys and creating 2 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2399 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 912 | 944 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The BrokerInfrastructure service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2398 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 896 | WIN-5T344G8GM1H | | 7/8/2021 4:30:44 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The tiledatamodelsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2397 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 896 | WIN-5T344G8GM1H | | 7/8/2021 4:30:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppXSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2396 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 896 | WIN-5T344G8GM1H | | 7/8/2021 4:30:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2395 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 32 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter #2' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2394 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2393 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | WIN-5T344G8GM1H | | 7/8/2021 4:30:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2392 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 136 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' restarted | 11 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2391 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 32 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The miniport 'Microsoft Hyper-V Network Adapter' was successfully initialized | 3 | 0 | | 4 | 1002 | 0 | -9223372036854775808 | 2390 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 568 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter' connected | 12 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2389 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 0 | 0 | WIN-5T344G8GM1H | | 7/8/2021 4:30:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The VM and host networking components successfully negotiated protocol version '6.1' | 1 | 0 | | 4 | 1001 | 0 | -9223372036854775808 | 2388 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 568 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The StateRepository service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2387 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 896 | WIN-5T344G8GM1H | | 7/8/2021 4:30:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The dmwappushservice service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2386 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 896 | WIN-5T344G8GM1H | | 7/8/2021 4:30:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CoreMessagingRegistrar service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2385 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 896 | WIN-5T344G8GM1H | | 7/8/2021 4:30:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetSetupSvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2384 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 896 | WIN-5T344G8GM1H | | 7/8/2021 4:30:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DeviceInstall service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2383 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 896 | WIN-5T344G8GM1H | | 7/8/2021 4:30:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The SystemEventsBroker service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2382 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 896 | WIN-5T344G8GM1H | | 7/8/2021 4:30:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The sppsvc service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2381 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 896 | WIN-5T344G8GM1H | | 7/8/2021 4:30:36 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The LSM service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2380 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 896 | WIN-5T344G8GM1H | | 7/8/2021 4:30:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcSs service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2379 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 896 | WIN-5T344G8GM1H | | 7/8/2021 4:30:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DcomLaunch service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2378 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 900 | WIN-5T344G8GM1H | | 7/8/2021 4:30:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The RpcEptMapper service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2377 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 900 | WIN-5T344G8GM1H | | 7/8/2021 4:30:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Power service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2376 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 900 | WIN-5T344G8GM1H | | 7/8/2021 4:30:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The PlugPlay service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2375 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 804 | 900 | WIN-5T344G8GM1H | | 7/8/2021 4:30:35 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Remote calls to the SAM database are being restricted using the default security descriptor: O:SYG:SYD:(A;;RC;;;BA).
For more information please see http://go.microsoft.com/fwlink/?LinkId=787651. | 16962 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2374 | Microsoft-Windows-Directory-Services-SAM | 0d4fdc09-8c27-494a-bda0-505e4fd8adae | System | 820 | 824 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:34 PM | 86b262a1-7416-0005-a562-b2861674d701 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Credential Guard (LsaIso.exe) configuration: 0x0, 0 | 14 | 0 | | 4 | 0 | 0 | 4611686018427387904 | 2373 | Microsoft-Windows-Wininit | 206f6dea-d3c5-4d10-bc72-989f03c8b84b | System | 692 | 696 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:34 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\Users\Default\NTUSER.DAT was cleared updating 126 keys and creating 18 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2372 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 572 | 576 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\Users\Administrator\AppData\Local\Microsoft\Windows\UsrClass.dat was cleared updating 628 keys and creating 85 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2371 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 572 | 576 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\Users\Administrator\NTUSER.DAT was cleared updating 1935 keys and creating 116 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2370 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 572 | 576 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\windows\ServiceProfiles\NetworkService\NTUSER.DAT was cleared updating 128 keys and creating 20 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2369 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 572 | 576 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:30 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \??\C:\windows\ServiceProfiles\LocalService\NTUSER.DAT was cleared updating 137 keys and creating 21 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2368 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 572 | 576 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:28 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \SystemRoot\System32\Config\SAM was cleared updating 80 keys and creating 7 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2367 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 548 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \SystemRoot\System32\Config\SECURITY was cleared updating 87 keys and creating 5 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2366 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 532 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \SystemRoot\System32\Config\DEFAULT was cleared updating 229 keys and creating 27 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2365 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 544 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hive \SystemRoot\System32\Config\SOFTWARE was reorganized with a starting size of 78917632 bytes and an ending size of 74686464 bytes. | 15 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2364 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 536 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:17 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The access history in hive \Device\HarddiskVolume1\Boot\BCD was cleared updating 82 keys and creating 1 modified pages. | 16 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2363 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 484 | 488 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hive \SystemRoot\System32\config\DRIVERS was reorganized with a starting size of 5177344 bytes and an ending size of 5169152 bytes. | 15 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2362 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 32 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:15 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 5 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2361 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 4 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2360 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 3 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2359 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 2 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2358 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 1 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2357 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Processor 0 in group 0 exposes the following power management capabilities:
Idle state type: ACPI Idle (C) States (1 state(s))
Performance state type: None
Nominal Frequency (MHz): 1995
Maximum performance percentage: 100
Minimum performance percentage: 100
Minimum throttle percentage: 100 | 55 | 0 | | 4 | 47 | 0 | -9223372036854775808 | 2356 | Microsoft-Windows-Kernel-Processor-Power | 0f67e49f-fe51-4e9f-b490-6f2948cc6027 | System | 4 | 188 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system has been constrained to a periodic tick
Reason: No HW support. | 508 | 0 | | 4 | 159 | 0 | -9223372036854774780 | 2355 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 8 | WIN-5T344G8GM1H | | 7/8/2021 4:30:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Connectivity state in standby: Disconnected, Reason: NIC compliance | 172 | 0 | | 4 | 203 | 0 | -9223372036854774780 | 2354 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 4 | 468 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'npsvctrig' (10.0, ?2016?-?07?-?16T02:28:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2353 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The service entered the Driver load complete state. | 7036 | | 16384 | 4 | 0 | | 36028797018963968 | 2352 | VfpExt | | System | | | WIN-5T344G8GM1H | | 7/8/2021 4:30:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'FileCrypt' (10.0, ?2016?-?07?-?16T02:22:39.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2351 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:14 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Volume \\?\Volume{be07386b-0000-0000-0000-100000000000} (\Device\HarddiskVolume1) is healthy. No action is needed. | 98 | 0 | | 4 | 0 | 0 | -9223372036854775806 | 2350 | Microsoft-Windows-Ntfs | 3ff37a1c-a68d-4d6e-8c9b-f79e8b16c482 | System | 4 | 188 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'WdFilter' (10.0, ?1978?-?03?-?07T02:59:33.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2349 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| File System Filter 'Wof' (10.0, ?2017?-?10?-?09T01:58:20.000000000Z) has successfully loaded and registered with Filter Manager. | 6 | 1 | | 4 | 0 | 0 | -9223301668110598144 | 2348 | Microsoft-Windows-FilterManager | f3c5e28e-63f6-49c7-a204-e48a1bc4b09d | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:13 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Secure Kernel started with status STATUS_SUCCESS and flags 0. | 3 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2347 | Microsoft-Windows-IsolatedUserMode | 73a33ab2-1966-4999-8add-868c41415269 | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor initialized I/O remapping.
Hardware present: false
Hardware enabled: false
Policy: 0x0
Enabled features: 0x0
Internal information: 0x0
Problems: 0x0
Additional information: 0x0 | 129 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2346 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor scheduler type is 0x1. | 2 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2345 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Hypervisor successfully started. | 1 | 0 | | 4 | 0 | 0 | -9223301668110598144 | 2344 | Microsoft-Windows-Hyper-V-Hypervisor | 52fc89f8-995e-434c-a91e-199986449890 | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The bootmgr spent 0 ms waiting for user input. | 32 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2343 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| There are 0x1 boot options on this system. | 18 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2342 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot menu policy was 0x0. | 25 | 0 | | 4 | 32 | 0 | -9223372036854775808 | 2341 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The boot type was 0x0. | 27 | 1 | | 4 | 33 | 0 | -9223372036854775808 | 2340 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The last shutdown's success status was true. The last boot's success status was true. | 20 | 0 | | 4 | 31 | 0 | -9223372036854775808 | 2339 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Virtualization Based Security (policies: VBS Enabled,VSM Required,Boot Chain Signer Soft Enforced) is enabled due to HyperV with status STATUS_SUCCESS. | 153 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2338 | Microsoft-Windows-Kernel-Boot | 15ca44ff-4d7a-4baa-bba5-0998955e531e | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system started at system time ?2021?-?07?-?08T16:30:12.480677400Z. | 12 | 0 | | 4 | 1 | 0 | -9223372036854775680 | 2337 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 8 | WIN-5T344G8GM1H | S-1-5-18 | 7/8/2021 4:30:12 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The operating system is shutting down at system time ?2018?-?01?-?19T09:48:14.082208700Z. | 13 | 0 | | 4 | 2 | 0 | -9223372036854775680 | 2336 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 4 | 2896 | WIN-5T344G8GM1H | | 1/19/2018 9:48:14 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The kernel power manager has initiated a shutdown transition.
Shutdown Reason: Kernel API | 109 | 0 | | 4 | 103 | 0 | -9223301668110597116 | 2335 | Microsoft-Windows-Kernel-Power | 331c3b3a-2005-44c2-ac5e-77220c37d6b4 | System | 520 | 524 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Defender Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2334 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was started. | 6005 | | 32768 | 4 | 0 | | 36028797018963968 | 2333 | EventLog | | System | | | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Microsoft (R) Windows (R) 10.00. 14393 Multiprocessor Free. | 6009 | | 32768 | 4 | 0 | | 36028797018963968 | 2332 | EventLog | | System | | | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The NetBIOS name and DNS host name of this machine have been changed from WIN-5T344G8GM1H to WIN-FL93SK7N03P. | 6011 | | 32768 | 4 | 0 | | 36028797018963968 | 2331 | EventLog | | System | | | WIN-5T344G8GM1H | | 7/8/2021 4:30:45 PM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Task Scheduler service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2330 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Event Log service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2329 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Remote Management (WS-Management) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2328 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2327 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 748 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Volume Shadow Copy service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2326 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The State Repository Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2325 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Cryptographic Services service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2324 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Font Cache Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2323 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft iSCSI Target Server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2322 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Program Compatibility Assistant Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2321 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Diagnostic Policy Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2320 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Link Tracking Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2319 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 956 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Desktop Services service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2318 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 748 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft Software Shadow Copy Provider service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2317 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 748 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Connection Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2316 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 748 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Licensing Monitoring Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2315 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 748 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Profile Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2314 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1040 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Desktop Services UserMode Port Redirector service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2313 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1100 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Management Instrumentation service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2312 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 416 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Time service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2311 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 416 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The system time has changed to ?2018?-?01?-?19T09:48:13.152000000Z from ?2018?-?01?-?19T09:48:13.164762500Z.
Change Reason: An application or system component changed the time. | 1 | 1 | | 4 | 5 | 0 | -9223372036854775792 | 2310 | Microsoft-Windows-Kernel-General | a68ca8b7-004f-d7b6-a698-07e2de0f1f5d | System | 1244 | 2300 | WIN-5T344G8GM1H | S-1-5-19 | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Credential Manager service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2309 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1080 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2308 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 2116 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The DHCP Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2307 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1048 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv4 client service is stopped. ShutDown Flag value is 1 | 50037 | 0 | | 4 | 4 | 69 | 2305843009213693952 | 2306 | Microsoft-Windows-Dhcp-Client | 15a7a4f8-0072-4eab-abad-f98a4d666aed | System | 436 | 1300 | WIN-5T344G8GM1H | S-1-5-19 | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| DHCPv6 client service is stopped. ShutDown Flag value is 1 | 51047 | 0 | | 4 | 4 | 63 | 2305843009213693952 | 2305 | Microsoft-Windows-DHCPv6-Client | 6a1f2b00-6a90-4c38-95a5-5cab3b056778 | System | 436 | 1360 | WIN-5T344G8GM1H | S-1-5-19 | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | ServiceStop | Service State Event | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Plug and Play service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2304 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1040 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Volume Shadow Copy Requestor service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2303 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Tile Data model server service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2302 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1104 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Modules Installer service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2301 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Group Policy Client service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2300 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Hyper-V Virtual Machine Management service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2299 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| User Logoff Notification for Customer Experience Improvement Program | 7002 | 0 | | 4 | 1102 | 0 | 2305878193585782784 | 2298 | Microsoft-Windows-Winlogon | dbe9b383-7cf3-4331-91cc-a3cb16a3b538 | System | 584 | 916 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Event log service was stopped. | 6006 | | 32768 | 4 | 0 | | 36028797018963968 | 2297 | EventLog | | System | | | WIN-5T344G8GM1H | | 1/19/2018 9:48:13 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The CDPUserSvc_24762 service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2296 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1040 | WIN-5T344G8GM1H | | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Sync Host_24762 service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2295 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. | 10016 | 0 | 0 | 2 | 0 | 0 | -9187343239835811840 | 2294 | Microsoft-Windows-DistributedCOM | 1b562e86-b7aa-4131-badc-b6f3a001407e | System | 820 | 972 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Certificate Propagation service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2293 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 948 | WIN-5T344G8GM1H | | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Remote Desktop Configuration service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2292 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 948 | WIN-5T344G8GM1H | | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The process C:\windows\System32\Sysprep\Sysprep.exe (WIN-5T344G8GM1H) has initiated the shutdown of computer WIN-5T344G8GM1H on behalf of user WIN-5T344G8GM1H\Administrator for the following reason: No title for this reason could be found
Reason Code: 0x40002
Shutdown Type: shutdown
Comment: | 1074 | 0 | 32768 | 4 | 0 | 0 | -9187343239835811840 | 2291 | User32 | b0aa8734-56f7-41cc-b2f4-de228e98b946 | System | 448 | 464 | WIN-5T344G8GM1H | S-1-5-21-416071247-492812682-1642729393-500 | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Process C:\Windows\System32\Sysprep\sysprep.exe (process ID:4012) reset policy scheme from {381B4222-F694-41F0-9685-FF5BB260DF2E} to {381B4222-F694-41F0-9685-FF5BB260DF2E} | 12 | 0 | | 4 | 10 | 0 | 4611686018427387904 | 2290 | Microsoft-Windows-UserModePowerService | ce8dee0b-d539-4000-b0f8-77bed049c590 | System | 764 | 316 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:12 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2289 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 948 | WIN-5T344G8GM1H | | 1/19/2018 9:48:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2288 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Connected User Experiences and Telemetry service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2287 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x8'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9) | 134 | 0 | | 3 | 0 | 0 | -9223372036854775808 | 2286 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1244 | 1320 | WIN-5T344G8GM1H | S-1-5-19 | 1/19/2018 9:48:11 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Client License Service (ClipSVC) service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2285 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:10 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Software Protection service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2284 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2283 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1104 | WIN-5T344G8GM1H | | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TCP/IP NetBIOS Helper service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2282 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 1104 | WIN-5T344G8GM1H | | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The TCP/IP NetBIOS Helper service was successfully sent a stop control.
The reason specified was: 0x40030011 [Operating System: Network Connectivity (Planned)]
Comment: None | 7042 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2281 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 948 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport Teredo Tunneling Pseudo-Interface, {8A97E6D0-A2AF-48AE-8BC2-FFC865CC4DF6}, had event Network Interface deleted while PNP Device still exists. Note that this event is provided for informational purpose and might not be an error always (Eg: In case of vSwitch which was recently un-installed or a LBFO team was removed) | 10317 | 0 | | 2 | 2 | 0 | 2305843009213710358 | 2280 | Microsoft-Windows-NDIS | cdead503-17f5-4a3e-b7ae-df8cc2902eb9 | System | 976 | 3116 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | 8a97e6d0-a2af-48ae-8bc2-ffc865cc4df6 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | PnP | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' is halting | 6 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2279 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 4 | 1984 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport Microsoft Hyper-V Network Adapter #2, {518CDFA4-5492-4D9E-BEAA-908825A4A289}, had event Network Interface deleted while PNP Device still exists. Note that this event is provided for informational purpose and might not be an error always (Eg: In case of vSwitch which was recently un-installed or a LBFO team was removed) | 10317 | 0 | | 2 | 2 | 0 | 2305843009213710358 | 2278 | Microsoft-Windows-NDIS | cdead503-17f5-4a3e-b7ae-df8cc2902eb9 | System | 976 | 3116 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | 518cdfa4-5492-4d9e-beaa-908825a4a289 | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | PnP | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x8'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9) | 134 | 0 | | 3 | 0 | 0 | -9223372036854775808 | 2277 | Microsoft-Windows-Time-Service | 06edcfeb-0fd0-4e53-acca-a6f8bbf81bcb | System | 1244 | 1800 | WIN-5T344G8GM1H | S-1-5-19 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Isatap interface isatap.{518CDFA4-5492-4D9E-BEAA-908825A4A289} is no longer active. | 4201 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2276 | Microsoft-Windows-Iphlpsvc | 66a5c15c-4f8e-4044-bf6e-71d896038977 | System | 976 | 1376 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Miniport NIC 'Microsoft Hyper-V Network Adapter #2' paused | 10 | 0 | | 4 | 1003 | 0 | -9223372036854775808 | 2275 | Microsoft-Windows-Hyper-V-Netvsc | 152fbe4b-c7ad-4f68-bada-a4fcc1464f6c | System | 976 | 3116 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Network Setup Service service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2274 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Microsoft-Windows-Kernel-PnP/Configuration log file was cleared. | 104 | 0 | | 4 | 104 | 0 | -9223372036854775808 | 2273 | Microsoft-Windows-Eventlog | fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148 | System | 436 | 1136 | WIN-5T344G8GM1H | S-1-5-21-416071247-492812682-1642729393-500 | 1/19/2018 9:48:09 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Log clear | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the VIA StorX Storage RAID Controller Windows Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2272 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the vsmraid service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2271 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:07 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft Universal Flash Storage (UFS) Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2270 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft Standard NVM Express Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2269 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the stexstor service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2268 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the SiSRaid4 service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2267 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the SiSRaid2 service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2266 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:05 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft Storage Class Memory Bus Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2265 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the SBP-2 Transport/Protocol Bus Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2264 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic [FCoE] STOR Miniport Inbox Driver (wx64) service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2263 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic iSCSI Miniport Inbox Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2262 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic Fibre Channel STOR Miniport Inbox Driver (wx64) service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2261 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:04 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the percsas3i service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2260 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:03 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the percsas2i service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2259 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:03 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the pcmcia service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2258 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:03 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the nvraid service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2257 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:03 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the nvstor service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2256 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:48:02 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic 10 Gigabit Ethernet Adapter VBD service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2255 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic Network Adapter VBD service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2254 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:59 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the mvumis service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2253 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft Standard SATA AHCI Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2252 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:58 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the pciide service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2251 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:57 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the megasr service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2250 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the megasas2i service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2249 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the megasas service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2248 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:55 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the isapnp service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2247 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the LSI_SSS service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2246 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:51 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the LSI_SAS3i service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2245 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the LSI_SAS2i service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2244 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the LSI_SAS service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2243 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:50 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Intel RAID Controller Windows 7 service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2242 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Intel(R) SATA RAID Controller Windows service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2241 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the HpSAMD service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2240 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:49 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the elxstor service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2239 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the elxfcoe service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2238 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2237 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:48 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the cht4iscsi service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2236 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic Offload iSCSI Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2235 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:47 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the QLogic FCoE Offload driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2234 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the bfadfcoei service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2233 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the bfadi service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2232 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the Adaptec SAS/SATA-II RAID Storport's Miniport Driver service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2231 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:46 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the amdsbs service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2230 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the amdxata service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2229 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the amdsata service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2228 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the ADP80XX service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2227 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The start type of the 3ware service was changed from demand start to boot start. | 7040 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2226 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:47:45 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Update Orchestrator Service for Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2225 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:47:40 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Windows Update service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2224 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:47:35 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The User Access Logging Service service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2223 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:47:35 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Distributed Transaction Coordinator service entered the stopped state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2222 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:47:34 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The AppX Deployment Service (AppXSVC) service entered the running state. | 7036 | 0 | 16384 | 4 | 0 | 0 | -9187343239835811840 | 2221 | Service Control Manager | 555908d1-a6d7-4695-8e1e-26931d2012f4 | System | 656 | 732 | WIN-5T344G8GM1H | | 1/19/2018 9:47:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Setup log file was cleared. | 104 | 0 | | 4 | 104 | 0 | -9223372036854775808 | 2220 | Microsoft-Windows-Eventlog | fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148 | System | 436 | 1136 | WIN-5T344G8GM1H | S-1-5-21-416071247-492812682-1642729393-500 | 1/19/2018 9:47:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Log clear | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The Application log file was cleared. | 104 | 0 | | 4 | 104 | 0 | -9223372036854775808 | 2219 | Microsoft-Windows-Eventlog | fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148 | System | 436 | 1136 | WIN-5T344G8GM1H | S-1-5-21-416071247-492812682-1642729393-500 | 1/19/2018 9:47:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Log clear | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| The System log file was cleared. | 104 | 0 | | 4 | 104 | 0 | -9223372036854775808 | 2218 | Microsoft-Windows-Eventlog | fc65ddd8-d6ef-4962-83d5-6e5cfe9ce148 | System | 436 | 1136 | WIN-5T344G8GM1H | S-1-5-21-416071247-492812682-1642729393-500 | 1/19/2018 9:47:33 AM | | | system | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | Log clear | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |