| Message | Id | Version | Qualifiers | Level | Task | Opcode | Keywords | RecordId | ProviderName | ProviderId | LogName | ProcessId | ThreadId | MachineName | UserId | TimeCreated | ActivityId | RelatedActivityId | ContainerLog | MatchedQueryIds | Bookmark | LevelDisplayName | OpcodeDisplayName | TaskDisplayName | KeywordsDisplayNames | Properties |
|---|
| Endpoint Protection client is up and running in a healthy state.
Platform version: 4.12.17007.18011
Engine version: 1.1.18800.4
Signature version: 1.355.2814.0
| 1150 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 73 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2436 | 2980 | n-h2-827070-2.cbci-827070-2.local | S-1-5-18 | 1/31/2022 3:07:21 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\4b3c42edb1208815937dcf9f945c12b76274c5d3
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 2:11:50 PM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 72 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2436 | 2980 | n-h2-827070-2.cbci-827070-2.local | S-1-5-18 | 1/31/2022 2:11:51 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\4b3c42edb1208815937dcf9f945c12b76274c5d3
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 2:11:50 PM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 71 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2436 | 2980 | n-h2-827070-2.cbci-827070-2.local | S-1-5-18 | 1/31/2022 2:11:51 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\2dd13f255bc0e9fdd855abb33d13aa97d08100e6
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 2:11:50 PM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 70 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2436 | 2980 | n-h2-827070-2.cbci-827070-2.local | S-1-5-18 | 1/31/2022 2:11:51 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\2dd13f255bc0e9fdd855abb33d13aa97d08100e6
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 2:11:50 PM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 69 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2436 | 2980 | n-h2-827070-2.cbci-827070-2.local | S-1-5-18 | 1/31/2022 2:11:51 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\69287c80fe23766d23697131d0f50c1d35dc42e2
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 2:11:50 PM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 68 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2436 | 2980 | n-h2-827070-2.cbci-827070-2.local | S-1-5-18 | 1/31/2022 2:11:51 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\69287c80fe23766d23697131d0f50c1d35dc42e2
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 2:11:50 PM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 67 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2436 | 2980 | n-h2-827070-2.cbci-827070-2.local | S-1-5-18 | 1/31/2022 2:11:51 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\dffb27acffc73e88c309a7e67838bd4609d03153
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 2:11:50 PM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 66 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2436 | 2980 | n-h2-827070-2.cbci-827070-2.local | S-1-5-18 | 1/31/2022 2:11:51 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\dffb27acffc73e88c309a7e67838bd4609d03153
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 2:11:50 PM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 65 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2436 | 2980 | n-h2-827070-2.cbci-827070-2.local | S-1-5-18 | 1/31/2022 2:11:51 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\49321b70721f2975d74b55c18405fb32e2f7409c
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 2:11:49 PM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 64 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2436 | 2976 | n-h2-827070-2.cbci-827070-2.local | S-1-5-18 | 1/31/2022 2:11:50 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\49321b70721f2975d74b55c18405fb32e2f7409c
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 2:11:49 PM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 63 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2436 | 2976 | n-h2-827070-2.cbci-827070-2.local | S-1-5-18 | 1/31/2022 2:11:50 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\4c9317c90356eaec0162d965074da25cb165129e
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 2:11:49 PM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 62 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2436 | 2976 | n-h2-827070-2.cbci-827070-2.local | S-1-5-18 | 1/31/2022 2:11:50 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\4c9317c90356eaec0162d965074da25cb165129e
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 2:11:49 PM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 61 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2436 | 2976 | n-h2-827070-2.cbci-827070-2.local | S-1-5-18 | 1/31/2022 2:11:50 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\727bbf12767123a91285809efe7eb9a16340d606
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 2:11:49 PM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 60 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2436 | 2976 | n-h2-827070-2.cbci-827070-2.local | S-1-5-18 | 1/31/2022 2:11:50 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\727bbf12767123a91285809efe7eb9a16340d606
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 2:11:49 PM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 59 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2436 | 2976 | n-h2-827070-2.cbci-827070-2.local | S-1-5-18 | 1/31/2022 2:11:50 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\5b66e442041c0079e8a7a7d9e8f366e4840c0497
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 2:11:50 PM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 58 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2436 | 2976 | n-h2-827070-2.cbci-827070-2.local | S-1-5-18 | 1/31/2022 2:11:50 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\5b66e442041c0079e8a7a7d9e8f366e4840c0497
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 2:11:50 PM
Persistence Limit Type: Duration
Persistence Limit: 150196224 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 57 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2436 | 2976 | n-h2-827070-2.cbci-827070-2.local | S-1-5-18 | 1/31/2022 2:11:50 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\eae37e86cd4cdf6a2dd2f52c0160fee276d62d3d
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 1:28:15 PM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 56 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2420 | 3456 | n-h2-827070-2 | S-1-5-18 | 1/31/2022 1:28:15 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\eae37e86cd4cdf6a2dd2f52c0160fee276d62d3d
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 1:28:15 PM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 55 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2420 | 3456 | n-h2-827070-2 | S-1-5-18 | 1/31/2022 1:28:15 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\7e217ee3de651ed0e2a2cab2d6192750d2dcb1b9
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 1:28:14 PM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 54 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2420 | 3456 | n-h2-827070-2 | S-1-5-18 | 1/31/2022 1:28:14 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\7e217ee3de651ed0e2a2cab2d6192750d2dcb1b9
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 1:28:14 PM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 53 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2420 | 3456 | n-h2-827070-2 | S-1-5-18 | 1/31/2022 1:28:14 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\172a4a16d6cd5a3371a2b98bbef16b2f38b3de5c
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 1:28:13 PM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 52 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2420 | 3456 | n-h2-827070-2 | S-1-5-18 | 1/31/2022 1:28:13 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\172a4a16d6cd5a3371a2b98bbef16b2f38b3de5c
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 1:28:13 PM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 51 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2420 | 3456 | n-h2-827070-2 | S-1-5-18 | 1/31/2022 1:28:13 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\7d6da72b314e36c7a01e534cf5ea30cc20d4a6aa
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 1:28:13 PM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 50 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2420 | 3448 | n-h2-827070-2 | S-1-5-18 | 1/31/2022 1:28:13 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\7d6da72b314e36c7a01e534cf5ea30cc20d4a6aa
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 1:28:13 PM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 49 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2420 | 3448 | n-h2-827070-2 | S-1-5-18 | 1/31/2022 1:28:13 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\6a688f65cb112f583c28a12c8ab2ba763decb702
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 1:28:12 PM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 48 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2420 | 3468 | n-h2-827070-2 | S-1-5-18 | 1/31/2022 1:28:12 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\6a688f65cb112f583c28a12c8ab2ba763decb702
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 1:28:12 PM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 47 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2420 | 3468 | n-h2-827070-2 | S-1-5-18 | 1/31/2022 1:28:12 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\470a1a8a539f2cc9842300672c7ff9e7e5d68c2c
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 1:28:11 PM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 46 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2420 | 3356 | n-h2-827070-2 | S-1-5-18 | 1/31/2022 1:28:11 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\470a1a8a539f2cc9842300672c7ff9e7e5d68c2c
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 1:28:11 PM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 45 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2420 | 3356 | n-h2-827070-2 | S-1-5-18 | 1/31/2022 1:28:11 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\bb679c1e3854f5a186f9e3a3e238799abc327cf9
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 1:28:08 PM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 44 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2420 | 4756 | n-h2-827070-2 | S-1-5-18 | 1/31/2022 1:28:08 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\bb679c1e3854f5a186f9e3a3e238799abc327cf9
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 1:28:08 PM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 43 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2420 | 4756 | n-h2-827070-2 | S-1-5-18 | 1/31/2022 1:28:08 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiSpyware
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\74b4e989e9f0e1cea86e1c9db2138bc6a8b90368
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 1:28:08 PM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 42 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2420 | 3468 | n-h2-827070-2 | S-1-5-18 | 1/31/2022 1:28:08 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender used Dynamic Signature Service to retrieve additional signatures to help protect your machine.
Current Signature Version: 1.355.2814.0
Signature Type: AntiVirus
User: \
Current Engine Version: 1.1.18800.4
Dynamic Signature Type: Signature update
Persistence Path: C:\ProgramData\Microsoft\Windows Defender\Scans\RtSigs\data\74b4e989e9f0e1cea86e1c9db2138bc6a8b90368
Dynamic Signature Version: 0.0.0.0
Dynamic Signature Compilation Timestamp: ?1/?31/?2022 1:28:08 PM
Persistence Limit Type: Duration
Persistence Limit: 288000000 | 2010 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 41 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2420 | 3468 | n-h2-827070-2 | S-1-5-18 | 1/31/2022 1:28:08 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.355.2814.0
Previous Signature Version: 1.261.25.0
Signature Type: AntiSpyware
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: 1.1.18800.4
Previous Engine Version: 1.1.14500.5 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 40 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2204 | 2780 | n-h2-827070-2 | S-1-5-18 | 1/31/2022 1:19:20 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.355.2814.0
Previous Signature Version: 1.261.25.0
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: 1.1.18800.4
Previous Engine Version: 1.1.14500.5 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 39 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2204 | 2780 | n-h2-827070-2 | S-1-5-18 | 1/31/2022 1:19:20 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender engine version has been updated.
Current Engine Version: 1.1.18800.4
Previous Engine Version: 1.1.14500.5
User: NT AUTHORITY\NETWORK SERVICE | 2002 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 38 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2204 | 2780 | n-h2-827070-2 | S-1-5-18 | 1/31/2022 1:19:20 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: HKLM\SOFTWARE\Microsoft\Windows Defender\MpEngine\MpGradualEngineRelease = 0x1
New value: | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 37 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2204 | 2628 | WIN-5T344G8GM1H | S-1-5-18 | 1/31/2022 1:19:09 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender scan has been stopped before completion.
Scan ID: {2876E356-24ED-4235-BF28-69439A17AF7D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
User: NT AUTHORITY\SYSTEM | 1002 | 0 | | 3 | 0 | 0 | -9223372036854775808 | 36 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2188 | 3896 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:22:48 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender scan has started.
Scan ID: {2876E356-24ED-4235-BF28-69439A17AF7D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Scan Resources:
User: NT AUTHORITY\SYSTEM | 1000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 35 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2188 | 3896 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:14:50 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.25.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x800704e8
Error description: The remote system is not available. For information about network troubleshooting, see Windows Help. | 2001 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 34 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2188 | 2428 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:04:58 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.25.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x800704e8
Error description: The remote system is not available. For information about network troubleshooting, see Windows Help. | 2001 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 33 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2188 | 2428 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 9:04:58 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.261.25.0
Previous Signature Version: 1.261.22.0
Signature Type: AntiSpyware
Update Type: Delta
User: NT AUTHORITY\SYSTEM
Current Engine Version: 1.1.14500.5
Previous Engine Version: 1.1.14500.5 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 32 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2188 | 2592 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:54:54 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.261.25.0
Previous Signature Version: 1.261.22.0
Signature Type: AntiVirus
Update Type: Delta
User: NT AUTHORITY\SYSTEM
Current Engine Version: 1.1.14500.5
Previous Engine Version: 1.1.14500.5 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 31 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2188 | 2592 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:54:54 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\Scan\AggressiveCatchupQuickScanReattemptElapsed = 0x17
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\Scan\AggressiveCatchupQuickScanReattemptElapsed = 0x17 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 30 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2888 | 3724 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:52:38 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\Scan\DaysUntilAggressiveCatchupQuickScan = 0x19
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\Scan\DaysUntilAggressiveCatchupQuickScan = 0x1E | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 29 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2888 | 3724 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:52:38 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: HKLM\SOFTWARE\Microsoft\Windows Defender\NewLocation = C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0
New value: Default\NewLocation = | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 28 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2888 | 3012 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:52:34 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: HKLM\SOFTWARE\Microsoft\Windows Defender\InstallLocation = C:\Program Files\Windows Defender\
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\InstallLocation = C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\ | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 27 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2888 | 3012 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:52:34 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender scan has been stopped before completion.
Scan ID: {E7A34311-C021-4F04-8BB3-B3BC9293E402}
Scan Type: Antimalware
Scan Parameters: Quick Scan
User: NT AUTHORITY\SYSTEM | 1002 | 0 | | 3 | 0 | 0 | -9223372036854775808 | 26 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 3872 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:45:57 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Warning | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 118.2.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version:
Previous Engine Version: 2.1.14202.0
Error code: 0x80072ee2
Error description: The operation timed out | 2001 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 25 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 872 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:35:54 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.261.22.0
Previous Signature Version: 1.259.1667.0
Signature Type: AntiSpyware
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: 1.1.14500.5
Previous Engine Version: 1.1.14405.2 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 24 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 2880 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:35:21 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.261.22.0
Previous Signature Version: 1.259.1667.0
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: 1.1.14500.5
Previous Engine Version: 1.1.14405.2 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 23 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 2880 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:35:21 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender engine version has been updated.
Current Engine Version: 1.1.14500.5
Previous Engine Version: 1.1.14405.2
User: NT AUTHORITY\NETWORK SERVICE | 2002 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 22 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 2880 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:35:21 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value:
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\MpEngine\MpGradualEngineRelease = 0x1 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 21 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 2244 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:35:21 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.259.1667.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\SYSTEM
Current Engine Version:
Previous Engine Version: 1.1.14405.2
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. | 2001 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 20 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 872 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:34:10 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.259.1667.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\SYSTEM
Current Engine Version:
Previous Engine Version: 1.1.14405.2
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. | 2001 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 19 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 872 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:34:10 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.259.1667.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
User: NT AUTHORITY\SYSTEM
Current Engine Version:
Previous Engine Version: 1.1.14405.2
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. | 2001 | 0 | | 2 | 0 | 0 | -9223372036854775808 | 18 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 872 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:34:10 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Error | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender scan has started.
Scan ID: {E7A34311-C021-4F04-8BB3-B3BC9293E402}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Scan Resources:
User: NT AUTHORITY\SYSTEM | 1000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 17 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 1716 | 3872 | WIN-5T344G8GM1H | S-1-5-18 | 1/19/2018 8:33:58 AM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender engine version has been updated.
Current Engine Version: 2.1.14202.0
Previous Engine Version: 2.1.12706.0
User: WIN-5T344G8GM1H\Administrator | 2002 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 16 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 2364 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:48 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 118.2.0.0
Previous Signature Version: 116.1.0.0
Signature Type: Network Inspection System
Update Type: Full
User: WIN-5T344G8GM1H\Administrator
Current Engine Version: 2.1.14202.0
Previous Engine Version: 2.1.12706.0 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 15 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 2364 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:48 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\SpyNetReportingLocation =
SOAP:https://spynet2.microsoft.com/AntiMalwareServices/2/SpynetReportSrvc.asmx
SOAP:https://spynetalt.microsoft.com/AntiMalwareServices/2/SpynetReportSrvc.asmx
REST:https://spynet2.microsoft.com/spyNet.svc/submitReport
REST:https://spynetalt.microsoft.com/spyNet.svc/submitReport
BOND:https://spynet2.microsoft.com/spyNet.svc/bond/submitreport
BOND:https://spynetalt.microsoft.com/spyNet.svc/bond/submitreport
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\SpyNetReportingLocation =
SOAP:https://wdcp.microsoft.com/WdCpSrvc.asmx
SOAP:https://wdcpalt.microsoft.com/WdCpSrvc.asmx
REST:https://wdcp.microsoft.com/wdcp.svc/submitReport
REST:https://wdcpalt.microsoft.com/wdcp.svc/submitReport
BOND:https://wdcp.microsoft.com/wdcp.svc/bond/submitreport
BOND:https://wdcpalt.microsoft.com/wdcp.svc/bond/submitreport
| 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 14 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 5872 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:45 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\SSLOptions = 0x1
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\SSLOptions = 0x3 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 13 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 5872 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:45 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.259.1667.0
Previous Signature Version: 1.221.14.0
Signature Type: AntiSpyware
Update Type: Full
User: WIN-5T344G8GM1H\Administrator
Current Engine Version: 1.1.14405.2
Previous Engine Version: 1.1.12805.0 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 12 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 5004 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:45 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 1.259.1667.0
Previous Signature Version: 1.221.14.0
Signature Type: AntiVirus
Update Type: Full
User: WIN-5T344G8GM1H\Administrator
Current Engine Version: 1.1.14405.2
Previous Engine Version: 1.1.12805.0 | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 11 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 5004 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:45 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender engine version has been updated.
Current Engine Version: 1.1.14405.2
Previous Engine Version: 1.1.12805.0
User: WIN-5T344G8GM1H\Administrator | 2002 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 10 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 5004 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:45 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\ManagedDefenderProductType = 0x0
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\ManagedDefenderProductType = 0x0 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 9 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 2136 | 568 | WIN-5T344G8GM1H | S-1-5-18 | 1/16/2018 5:35:36 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\InstallLocation = C:\Program Files\Windows Defender
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\InstallLocation = C:\Program Files\Windows Defender\ | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 8 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 2772 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:26 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender engine version has been updated.
Current Engine Version: 2.1.12706.0
Previous Engine Version:
User: NT AUTHORITY\SYSTEM | 2002 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 7 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 2044 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:26 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender signature version has been updated.
Current Signature Version: 116.1.0.0
Previous Signature Version:
Signature Type: Network Inspection System
Update Type: Full
User: NT AUTHORITY\SYSTEM
Current Engine Version: 2.1.12706.0
Previous Engine Version: | 2000 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 6 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 2044 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:26 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\SpyNet\SpyNetReportingLocation =
REST:https://spynet2.microsoft.com/spyNet.svc/submitReport
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\SpyNetReportingLocation =
SOAP:https://spynet2.microsoft.com/AntiMalwareServices/2/SpynetReportSrvc.asmx
SOAP:https://spynetalt.microsoft.com/AntiMalwareServices/2/SpynetReportSrvc.asmx
REST:https://spynet2.microsoft.com/spyNet.svc/submitReport
REST:https://spynetalt.microsoft.com/spyNet.svc/submitReport
BOND:https://spynet2.microsoft.com/spyNet.svc/bond/submitreport
BOND:https://spynetalt.microsoft.com/spyNet.svc/bond/submitreport
| 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 5 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 1992 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:23 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\SpyNet\MAPSconcurrencyDss = 0xA
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\MAPSconcurrencyDss = 0xA | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 4 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 1992 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:23 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\SpyNet\SSLOptions = 0x0
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\SSLOptions = 0x1 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 3 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 1992 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:23 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: Default\SpyNet\MAPSconcurrency = 0x1
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\SpyNet\MAPSconcurrency = 0x1 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 2 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 1992 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:23 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |
| Windows Defender Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware.
Old value: N/A\ProductType =
New value: HKLM\SOFTWARE\Microsoft\Windows Defender\ProductType = 0x2 | 5007 | 0 | | 4 | 0 | 0 | -9223372036854775808 | 1 | Microsoft-Windows-Windows Defender | 11cd958a-c507-4ef3-b3f2-5fd9dfbd2c78 | Microsoft-Windows-Windows Defender/Operational | 124 | 1992 | WIN-PD8DQPRRTAO | S-1-5-18 | 1/16/2018 5:01:16 PM | | | microsoft-windows-windows defender/operational | System.UInt32[] | System.Diagnostics.Eventing.Reader.EventBookmark | Information | Info | | System.Collections.ObjectModel.ReadOnlyCollection`1[System.String] | System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty] |