| Message | Id | Version | Qualifiers | Level | Task | Opcode | Keywords | RecordId | ProviderName | ProviderId | LogName | ProcessId | ThreadId | MachineName | UserId | TimeCreated | ActivityId | RelatedActivityId | ContainerLog | MatchedQueryIds | Bookmark | LevelDisplayName | OpcodeDisplayName | TaskDisplayName | KeywordsDisplayNames | Properties |
|---|
| Endpoint Protection client is up and running in a healthy state.
Platform version: 4.12.17007.18011
Engine version: 1.1.19400.3
Signature version: 1.371.455.0
| 1150 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 78 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2556 | 3896 | n-h1-826526-5.cbci-826526-5.local | S-1-5-18 | 7/20/2022 5:05:36 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\e89d733766743a05c5a2fbd26d6cdea62335c1f7
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 3:37:07 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 77 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 2304 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 3:37:07 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\e89d733766743a05c5a2fbd26d6cdea62335c1f7
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 3:37:07 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 76 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 2304 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 3:37:07 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\c07e85252c63a14890620aa86be6366b808ac5ff
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 3:36:50 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 75 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 3664 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 3:36:50 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\c07e85252c63a14890620aa86be6366b808ac5ff
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 3:36:50 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 74 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 3664 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 3:36:50 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\b42b7adc97c017bc703b743454c6f692d7e7d121
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 3:35:31 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 73 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 916 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 3:35:31 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\b42b7adc97c017bc703b743454c6f692d7e7d121
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 3:35:31 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 72 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 916 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 3:35:31 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\5d9604c8912fe01699d8727e0c90f00c7a30b6cd
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 3:35:31 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 71 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 916 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 3:35:31 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\5d9604c8912fe01699d8727e0c90f00c7a30b6cd
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 3:35:31 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 70 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 916 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 3:35:31 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\1baeb19e5a30e2a522f786cf5c481a4da27a10de
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 3:35:15 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 69 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 3140 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 3:35:15 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\1baeb19e5a30e2a522f786cf5c481a4da27a10de
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 3:35:15 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 68 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 3140 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 3:35:15 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\4aaee94efbb9c7bb07d75217908ed8fc15d0becf
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 3:34:59 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 67 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 1056 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 3:35:00 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\4aaee94efbb9c7bb07d75217908ed8fc15d0becf
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 3:34:59 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 66 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 1056 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 3:35:00 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\604845c19b559a77a84857c5cdb29cccd8516923
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 3:34:43 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 65 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 1060 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 3:34:44 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\604845c19b559a77a84857c5cdb29cccd8516923
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 3:34:43 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 64 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 1060 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 3:34:44 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\3b4bae4e39757499f415e6ebbfb57466a521a69b
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 3:34:41 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 63 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 3140 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 3:34:42 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\3b4bae4e39757499f415e6ebbfb57466a521a69b
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 3:34:41 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 62 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 3140 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 3:34:42 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\57fac7cdbd381e83f56fd55fd788f4214a7f8626
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 3:32:37 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 61 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 916 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 3:32:37 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\57fac7cdbd381e83f56fd55fd788f4214a7f8626
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 3:32:37 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 60 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 916 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 3:32:37 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Endpoint Protection client is up and running in a healthy state.
Platform version: 4.12.17007.18011
Engine version: 1.1.19400.3
Signature version: 1.371.455.0
| 1150 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 59 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 1060 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 3:21:46 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\1233ae33008a36dc67a6e630f6cf07556582e646
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 2:30:20 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 58 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 3652 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 2:30:20 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\1233ae33008a36dc67a6e630f6cf07556582e646
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 2:30:20 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 57 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 3652 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 2:30:20 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\72570dd19967e446a015dfeb5c1a05fd78fb7e49
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 2:30:19 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 56 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 3652 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 2:30:19 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\72570dd19967e446a015dfeb5c1a05fd78fb7e49
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 2:30:19 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 55 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 3652 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 2:30:19 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\f83d999f0c6a28fb0427cff1826c35c922cfa9f2
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 2:30:18 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 54 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 3652 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 2:30:18 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\f83d999f0c6a28fb0427cff1826c35c922cfa9f2
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 2:30:18 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 53 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 3652 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 2:30:18 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\f575492854939a05b0ba118a2b39efde28c6f3ba
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 2:30:18 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 52 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 3652 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 2:30:18 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\f575492854939a05b0ba118a2b39efde28c6f3ba
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 2:30:18 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 51 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 3652 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 2:30:18 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\23060cb6e447465f4df6adcb139909a94316de68
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 2:30:17 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 50 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 2772 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 2:30:17 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\23060cb6e447465f4df6adcb139909a94316de68
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 2:30:17 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 49 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 2772 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 2:30:17 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\502538b410f10782ca1220650b23b68de6dc2b80
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 2:30:16 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 48 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 1144 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 2:30:16 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\502538b410f10782ca1220650b23b68de6dc2b80
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 2:30:16 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 47 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 1144 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 2:30:16 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\bc2c8dbf8924fa749a4cb82a29eb70ace8f3cea1
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 2:30:16 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 46 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 3656 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 2:30:16 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\bc2c8dbf8924fa749a4cb82a29eb70ace8f3cea1
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 2:30:16 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 45 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 3656 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 2:30:16 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\a01b5b72b303a53a46ef501874e03abef687469b
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 2:30:15 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 44 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 3592 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 2:30:15 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\a01b5b72b303a53a46ef501874e03abef687469b
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 2:30:15 AM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 43 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 3592 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 2:30:15 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\073b3b5e0c6ff62afdcb90f40e6e1c54329b9338
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 2:29:18 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 42 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 2772 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 2:29:19 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.371.455.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.19400.3
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\073b3b5e0c6ff62afdcb90f40e6e1c54329b9338
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?7/?20/?2022 2:29:18 AM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 41 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2548 | 2772 | n-h1-826526-5 | S-1-5-18 | 7/20/2022 2:29:19 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.371.455.0
Previous Signature Version: 1.261.25.0
Signature Type: AntiSpyware
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: 1.1.19400.3
Previous Engine Version: 1.1.14500.5 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 40 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2240 | 2472 | WIN-5T344G8GM1H | S-1-5-18 | 7/20/2022 2:21:13 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.371.455.0
Previous Signature Version: 1.261.25.0
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: 1.1.19400.3
Previous Engine Version: 1.1.14500.5 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 39 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2240 | 2472 | WIN-5T344G8GM1H | S-1-5-18 | 7/20/2022 2:21:13 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender engine version has been updated.
Current Engine Version: 1.1.19400.3
Previous Engine Version: 1.1.14500.5
User: NT AUTHORITY\NETWORK SERVICE | 2002 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 38 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2240 | 2472 | WIN-5T344G8GM1H | S-1-5-18 | 7/20/2022 2:21:13 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: HKLM\SOFTWARE\Microsoft\Windows Defender\MpEngine\MpGradualEngineRelease = 0x1
New value: | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 37 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2240 | 324 | WIN-5T344G8GM1H | S-1-5-18 | 7/20/2022 2:21:07 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender scan has been stopped before completion.
Scan ID: {2876E356-24ED-4235-BF28-69439A17AF7D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
User: NT AUTHORITY\SYSTEM | 1002 | 0 | | 3 | 0 | 0 | -9223372036854775808 | 36 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2188 | 3896 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:22:48 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender scan has started.
Scan ID: {2876E356-24ED-4235-BF28-69439A17AF7D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Scan Resources:
User: NT AUTHORITY\SYSTEM | 1000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 35 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2188 | 3896 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:14:50 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.25.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x800704e8
Error description: The remote system is not available. For information about network troubleshooting, see Windows Help. | 2001 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 34 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2188 | 2428 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:04:58 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.25.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x800704e8
Error description: The remote system is not available. For information about network troubleshooting, see Windows Help. | 2001 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 33 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2188 | 2428 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:04:58 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.261.25.0
Previous Signature Version: 1.261.22.0
Signature Type: AntiSpyware
Update Type: Delta
User: NT AUTHORITY\SYSTEM
Current Engine Version: 1.1.14500.5
Previous Engine Version: 1.1.14500.5 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 32 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2188 | 2592 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:54:54 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.261.25.0
Previous Signature Version: 1.261.22.0
Signature Type: AntiVirus
Update Type: Delta
User: NT AUTHORITY\SYSTEM
Current Engine Version: 1.1.14500.5
Previous Engine Version: 1.1.14500.5 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 31 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2188 | 2592 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:54:54 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\Scan\AggressiveCatchupQuickScanReattemptElapsed = 0x17
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\Scan\AggressiveCatchupQuickScanReattemptElapsed = 0x17 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 30 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2888 | 3724 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:52:38 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\Scan\DaysUntilAggressiveCatchupQuickScan = 0x19
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\Scan\DaysUntilAggressiveCatchupQuickScan = 0x1E | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 29 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2888 | 3724 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:52:38 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: HKLM\SOFTWARE\Microsoft\Windows Defender\NewLocation = C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0
New value: Default\NewLocation = | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 28 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2888 | 3012 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:52:34 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: HKLM\SOFTWARE\Microsoft\Windows Defender\InstallLocation = C:\Program Files\Windows Defender\
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\InstallLocation = C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\ | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 27 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2888 | 3012 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:52:34 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender scan has been stopped before completion.
Scan ID: {E7A34311-C021-4F04-8BB3-B3BC9293E402}
Scan Type: Antimalware
Scan Parameters: Quick Scan
User: NT AUTHORITY\SYSTEM | 1002 | 0 | | 3 | 0 | 0 | -9223372036854775808 | 26 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 3872 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:45:57 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 118.2.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version:
Previous Engine Version: 2.1.14202.0
Error code: 0x80072ee2
Error description: The operation timed out | 2001 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 25 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 872 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:35:54 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.261.22.0
Previous Signature Version: 1.259.1667.0
Signature Type: AntiSpyware
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: 1.1.14500.5
Previous Engine Version: 1.1.14405.2 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 24 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 2880 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:35:21 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.261.22.0
Previous Signature Version: 1.259.1667.0
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: 1.1.14500.5
Previous Engine Version: 1.1.14405.2 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 23 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 2880 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:35:21 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender engine version has been updated.
Current Engine Version: 1.1.14500.5
Previous Engine Version: 1.1.14405.2
User: NT AUTHORITY\NETWORK SERVICE | 2002 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 22 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 2880 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:35:21 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value:
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\MpEngine\MpGradualEngineRelease = 0x1 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 21 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 2244 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:35:21 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.259.1667.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\SYSTEM
Current Engine Version:
Previous Engine Version: 1.1.14405.2
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. | 2001 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 20 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 872 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:34:10 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.259.1667.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\SYSTEM
Current Engine Version:
Previous Engine Version: 1.1.14405.2
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. | 2001 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 19 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 872 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:34:10 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.259.1667.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\SYSTEM
Current Engine Version:
Previous Engine Version: 1.1.14405.2
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. | 2001 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 18 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 872 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:34:10 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender scan has started.
Scan ID: {E7A34311-C021-4F04-8BB3-B3BC9293E402}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Scan Resources:
User: NT AUTHORITY\SYSTEM | 1000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 17 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 3872 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:33:58 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender engine version has been updated.
Current Engine Version: 2.1.14202.0
Previous Engine Version: 2.1.12706.0
User: WIN-5T344G8GM1H\Administrator | 2002 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 16 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 2364 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:48 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 118.2.0.0
Previous Signature Version: 116.1.0.0
Signature Type: Network Inspection System
Update Type: Full
User: WIN-5T344G8GM1H\Administrator
Current Engine Version: 2.1.14202.0
Previous Engine Version: 2.1.12706.0 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 15 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 2364 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:48 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\SpyNetReportingLocation =
SOAP:https://spynet2.microsoft.com/AntiMalwareServices/2/SpynetReportSrvc.asmx
SOAP:https://spynetalt.microsoft.com/AntiMalwareServices/2/SpynetReportSrvc.asmx
REST:https://spynet2.microsoft.com/spyNet.svc/submitReport
REST:https://spynetalt.microsoft.com/spyNet.svc/submitReport
BOND:https://spynet2.microsoft.com/spyNet.svc/bond/submitreport
BOND:https://spynetalt.microsoft.com/spyNet.svc/bond/submitreport
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\SpyNetReportingLocation =
SOAP:https://wdcp.microsoft.com/WdCpSrvc.asmx
SOAP:https://wdcpalt.microsoft.com/WdCpSrvc.asmx
REST:https://wdcp.microsoft.com/wdcp.svc/submitReport
REST:https://wdcpalt.microsoft.com/wdcp.svc/submitReport
BOND:https://wdcp.microsoft.com/wdcp.svc/bond/submitreport
BOND:https://wdcpalt.microsoft.com/wdcp.svc/bond/submitreport
| 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 14 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 5872 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:45 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\SSLOptions = 0x1
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\SSLOptions = 0x3 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 13 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 5872 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:45 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.259.1667.0
Previous Signature Version: 1.221.14.0
Signature Type: AntiSpyware
Update Type: Full
User: WIN-5T344G8GM1H\Administrator
Current Engine Version: 1.1.14405.2
Previous Engine Version: 1.1.12805.0 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 12 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 5004 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:45 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.259.1667.0
Previous Signature Version: 1.221.14.0
Signature Type: AntiVirus
Update Type: Full
User: WIN-5T344G8GM1H\Administrator
Current Engine Version: 1.1.14405.2
Previous Engine Version: 1.1.12805.0 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 11 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 5004 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:45 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender engine version has been updated.
Current Engine Version: 1.1.14405.2
Previous Engine Version: 1.1.12805.0
User: WIN-5T344G8GM1H\Administrator | 2002 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 10 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 5004 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:45 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\ManagedDefenderProductType = 0x0
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\ManagedDefenderProductType = 0x0 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 9 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 568 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:36 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\InstallLocation = C:\Program Files\Windows Defender
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\InstallLocation = C:\Program Files\Windows Defender\ | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 8 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 2772 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:26 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender engine version has been updated.
Current Engine Version: 2.1.12706.0
Previous Engine Version:
User: NT AUTHORITY\SYSTEM | 2002 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 7 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 2044 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:26 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 116.1.0.0
Previous Signature Version:
Signature Type: Network Inspection System
Update Type: Full
User: NT AUTHORITY\SYSTEM
Current Engine Version: 2.1.12706.0
Previous Engine Version: | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 6 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 2044 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:26 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\SpyNet\SpyNetReportingLocation =
REST:https://spynet2.microsoft.com/spyNet.svc/submitReport
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\SpyNetReportingLocation =
SOAP:https://spynet2.microsoft.com/AntiMalwareServices/2/SpynetReportSrvc.asmx
SOAP:https://spynetalt.microsoft.com/AntiMalwareServices/2/SpynetReportSrvc.asmx
REST:https://spynet2.microsoft.com/spyNet.svc/submitReport
REST:https://spynetalt.microsoft.com/spyNet.svc/submitReport
BOND:https://spynet2.microsoft.com/spyNet.svc/bond/submitreport
BOND:https://spynetalt.microsoft.com/spyNet.svc/bond/submitreport
| 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 5 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 1992 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:23 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\SpyNet\MAPSconcurrencyDss = 0xA
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\MAPSconcurrencyDss = 0xA | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 4 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 1992 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:23 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\SpyNet\SSLOptions = 0x0
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\SSLOptions = 0x1 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 1992 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:23 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\SpyNet\MAPSconcurrency = 0x1
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\MAPSconcurrency = 0x1 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 1992 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:23 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: N/A\ProductType =
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\ProductType = 0x2 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 1 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 1992 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:16 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |